Make "Temporarily set top-level sites to TRUSTED" work on Manifest V3 (issue #388).

This commit is contained in:
hackademix 2024-11-21 01:29:29 +01:00
parent 747c059a87
commit 6c1c19984a
No known key found for this signature in database
GPG Key ID: 231A83AFDA9C2434
2 changed files with 16 additions and 8 deletions

View File

@ -817,9 +817,9 @@
} }
}; };
function injectPolicyScript(details) { async function injectPolicyScript(details) {
const {url, tabId, frameId} = details; const {url, tabId, frameId} = details;
const domPolicy = ns.computeChildPolicy({url}, {tab: {id: tabId}, frameId}); const domPolicy = await ns.computeChildPolicy({url}, {tab: {id: tabId}, frameId});
domPolicy.navigationURL = url; domPolicy.navigationURL = url;
const callback = "ns_setupCallback"; const callback = "ns_setupCallback";
if (DocStartInjection.mv3Callbacks) { if (DocStartInjection.mv3Callbacks) {

View File

@ -200,7 +200,7 @@
async fetchChildPolicy({url, contextUrl}, sender) { async fetchChildPolicy({url, contextUrl}, sender) {
await ns.initializing; await ns.initializing;
return ns.computeChildPolicy(...arguments); return await ns.computeChildPolicy(...arguments);
}, },
async openStandalonePopup(tab) { async openStandalonePopup(tab) {
@ -305,7 +305,7 @@
return !this.isEnforced(request.tabId) || this.policy.can(request.url, capability, this.policyContext(request)); return !this.isEnforced(request.tabId) || this.policy.can(request.url, capability, this.policyContext(request));
}, },
computeChildPolicy({url, contextUrl}, sender) { async computeChildPolicy({url, contextUrl}, sender) {
let {tab} = sender; let {tab} = sender;
let policy = ns.policy; let policy = ns.policy;
const {isTorBrowser} = ns.local; const {isTorBrowser} = ns.local;
@ -322,7 +322,8 @@
const tabId = tab ? tab.id : -1; const tabId = tab ? tab.id : -1;
let topUrl; let topUrl;
if (sender.frameId === 0) { const isTop = sender.frameId === 0;
if (isTop) {
topUrl = url; topUrl = url;
} else if (tab) { } else if (tab) {
if (!tab.url) tab = TabCache.get(tabId); if (!tab.url) tab = TabCache.get(tabId);
@ -338,10 +339,17 @@
let permissions, unrestricted, cascaded; let permissions, unrestricted, cascaded;
if (policy) { if (policy) {
let perms = policy.get(url, contextUrl).perms; let perms = policy.get(url, contextUrl).perms;
if (isTop) {
if (policy.autoAllowTop && perms === policy.DEFAULT) {
policy.set(Sites.optimalKey(url), perms = policy.TRUSTED.tempTwin);
await RequestGuard.DNRPolicy?.update();
}
} else {
cascaded = topUrl && ns.sync.cascadeRestrictions; cascaded = topUrl && ns.sync.cascadeRestrictions;
if (cascaded) { if (cascaded) {
perms = policy.cascadeRestrictions(perms, topUrl); perms = policy.cascadeRestrictions(perms, topUrl);
} }
}
permissions = perms.dry(); permissions = perms.dry();
} else { } else {
// otherwise either internal URL or unrestricted // otherwise either internal URL or unrestricted