Mirrors
/
noscript
mirror of https://github.com/hackademix/noscript.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[XSS] Skip naps when InjectionChecker runs in its own worker.

This commit is contained in:
hackademix 2021-01-15 17:26:43 +01:00
parent 17f3bfd14b
commit 445d7ff1af
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/lib/Timing.js
View File

@ -31,7 +31,7 @@ class Timing {
throw new TimingException(`Timing: exceeded ${this.longTime}ms timeout`); throw new TimingException(`Timing: exceeded ${this.longTime}ms timeout`);
} }
this.calls = 0; this.calls = 0;
await Timing.sleep(this.pauseTime); if (this.pauseTime > 0) await Timing.sleep(this.pauseTime);
this.lastPause = Date.now(); this.lastPause = Date.now();
return true; return true;
} }

2
src/xss/InjectionCheckWorker.js
View File

@ -36,7 +36,7 @@ include("InjectionChecker.js");
let {timing} = ic; let {timing} = ic;
timingsMap.set(request.requestId, timing); timingsMap.set(request.requestId, timing);
timing.fatalTimeout = true; timing.pauseTime = 0; // skip the default 20ms nap
let postInjection = xssReq.isPost && let postInjection = xssReq.isPost &&
request.requestBody && request.requestBody.formData && request.requestBody && request.requestBody.formData &&