From fba67f09ddedda6182d35b2fa1478115dc766905 Mon Sep 17 00:00:00 2001 From: Wojtek Kosior Date: Thu, 24 Mar 2022 20:42:10 +0100 Subject: allow injected scripts to bypass CORS using provided API --- content/haketilo_apis.js | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) (limited to 'content') diff --git a/content/haketilo_apis.js b/content/haketilo_apis.js index 36e987d..772e843 100644 --- a/content/haketilo_apis.js +++ b/content/haketilo_apis.js @@ -43,7 +43,35 @@ */ #FROM common/browser.js IMPORT browser +#FROM common/misc.js IMPORT error_data_jsonifiable + +async function on_CORS_bypass(event) { + const name = "haketilo_CORS_bypass"; + + console.warn("delme event", event.detail); + + if (typeof event.detail.id !== "string" || + typeof event.detail.data !== "string") { + console.error(`Haketilo: Invalid detail for ${name}:`, + event.detail); + return; + } + + try { + const data = JSON.parse(event.detail.data); + var result = await browser.runtime.sendMessage(["CORS_bypass", data]); + if (result === undefined) + throw new Error("Couldn't communicate with Haketilo background script."); + } catch(e) { + var result = {error: error_data_jsonifiable(e)}; + } + + const response_name = `${name}-${event.detail.id}`; + const detail = JSON.stringify(result); + window.dispatchEvent(new CustomEvent(response_name, {detail})); +} function start() { + window.addEventListener("haketilo_CORS_bypass", on_CORS_bypass); } #EXPORT start -- cgit v1.2.3