From fba67f09ddedda6182d35b2fa1478115dc766905 Mon Sep 17 00:00:00 2001
From: Wojtek Kosior <koszko@koszko.org>
Date: Thu, 24 Mar 2022 20:42:10 +0100
Subject: allow injected scripts to bypass CORS using provided API

---
 content/haketilo_apis.js | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

(limited to 'content')

diff --git a/content/haketilo_apis.js b/content/haketilo_apis.js
index 36e987d..772e843 100644
--- a/content/haketilo_apis.js
+++ b/content/haketilo_apis.js
@@ -43,7 +43,35 @@
  */
 
 #FROM common/browser.js IMPORT browser
+#FROM common/misc.js    IMPORT error_data_jsonifiable
+
+async function on_CORS_bypass(event) {
+    const name = "haketilo_CORS_bypass";
+
+    console.warn("delme event", event.detail);
+
+    if (typeof event.detail.id   !== "string" ||
+	typeof event.detail.data !== "string") {
+	console.error(`Haketilo: Invalid detail for ${name}:`,
+		      event.detail);
+	return;
+    }
+
+    try {
+	const data = JSON.parse(event.detail.data);
+	var result = await browser.runtime.sendMessage(["CORS_bypass", data]);
+	if (result === undefined)
+	    throw new Error("Couldn't communicate with Haketilo background script.");
+    } catch(e) {
+	var result = {error: error_data_jsonifiable(e)};
+    }
+
+    const response_name = `${name}-${event.detail.id}`;
+    const detail = JSON.stringify(result);
+    window.dispatchEvent(new CustomEvent(response_name, {detail}));
+}
 
 function start() {
+    window.addEventListener("haketilo_CORS_bypass", on_CORS_bypass);
 }
 #EXPORT start
-- 
cgit v1.2.3