Improved unscanned POST blocking.
This commit is contained in:
parent
cab9d0ea74
commit
169d5f085a
|
@ -246,8 +246,8 @@ var XSS = (() => {
|
||||||
request.requestBody && request.requestBody.formData &&
|
request.requestBody && request.requestBody.formData &&
|
||||||
ic.checkPost(request.requestBody.formData, skipParams)
|
ic.checkPost(request.requestBody.formData, skipParams)
|
||||||
: XSS.xssBlockUnscannedPOST &&
|
: XSS.xssBlockUnscannedPOST &&
|
||||||
request.documentUrl && // exclude non-document POSTs, such as url bar searches
|
(request.originUrl || request.documentUrl) && // exclude non-document POSTs, such as url bar searches
|
||||||
ns.requestCan(request, "script") && _("UnscannedXPost")
|
ns.requestCan(request, "script") && ("\n" + _("UnscannedXPost"))
|
||||||
);
|
);
|
||||||
|
|
||||||
let protectName = ic.nameAssignment;
|
let protectName = ic.nameAssignment;
|
||||||
|
|
Loading…
Reference in New Issue