"General/Cascade top document's restrictions to subdocuments" option (default true on the Tor Browser).

2019-03-15 23:55:18 +01:00 · 2019-03-15 23:55:18 +01:00 · 921a7910f0
parent c3c3a6a769
commit 921a7910f0
6 changed files with 25 additions and 7 deletions
--- a/src/_locales/en/messages.json
+++ b/src/_locales/en/messages.json
@ -74,6 +74,9 @@
  "CascadePermissions": {
    "message": "Cascade top document's permissions to 3rd party scripts"
  },
+  "CascadeRestrictions": {
+    "message": "Cascade top document's restrictions to subdocuments"
+  },
  "ClearClickDescription": {
    "message": "NoScript intercepted a mouse or keyboard interaction with a partially hidden element. Click on the image below to cycle between the obstructed and the clear version."
  },
--- a/src/bg/Defaults.js
+++ b/src/bg/Defaults.js
@ -12,6 +12,7 @@ var Defaults = {
      sync: {
        global: false,
        xss: true,
+        cascadeRestrictions : false,
        xssScanRequestBody: true,
        xssBlockUnscannedPOST: false,
        overrideTorBrowserPolicy: false, // note: Settings.update() on reset will flip this to true
--- a/src/bg/RequestGuard.js
+++ b/src/bg/RequestGuard.js
@ -326,7 +326,7 @@ var RequestGuard = (() => {
            capabilities = perms.capabilities;
          } else {
            capabilities = perms.capabilities;
-            if (frameAncestors.length > 0) {
+            if (frameAncestors.length > 0 && ns.sync.cascadeRestrictions) {
              // cascade top document's restrictions to subframes
              let topUrl = frameAncestors.pop().url;
              let topPerms = policy.get(topUrl, topUrl).perms;
--- a/src/bg/Settings.js
+++ b/src/bg/Settings.js
@ -91,6 +91,7 @@ var Settings = {
    if (isTorBrowser) {
      // Tor Browser-specific settings
      ns.defaults.local.isTorBrowser = true; // prevents reset from forgetting
+      ns.defaults.sync.cascadeRestrictions = true; // we want this to be the default even on reset
      if (!this.gotTorBrowserInit) {
        // First initialization message from the Tor Browser
        this.gotTorBrowserInit = true;
@ -105,11 +106,20 @@ var Settings = {
      } else {
        reloadOptionsUI = true;
      }
-      if (!settings.local) settings.local = {};
-      settings.local.isTorBrowser = true;
-      if (!settings.sync) settings.sync = {};
-      settings.sync.xssScanRequestBody = false;
-      settings.sync.xssBlockUnscannedPOST = true;
+
+      let torBrowserSettings = {
+        local: {
+          isTorBrowser: true,
+        },
+        sync: {
+          cascadeRestrictions: true,
+          xssScanRequestBody: false,
+          xssBlockUnscannedPOST: true,
+        }
+      }
+      for (let [storage, prefs] of Object.entries(torBrowserSettings)) {
+        settings[storage] = Object.assign(settings[storage] || {}, prefs);
+      }
    }

    if (settings.sync === null) {
--- a/src/ui/options.html
+++ b/src/ui/options.html
@ -44,7 +44,9 @@
  <span id="auto-opt">
  <input type="checkbox" class="enforcement_required" id="opt-auto"><label for="opt-auto" id="lbl-auto">__MSG_AutoAllowTopLevel__</label>
  </span>
-
+  <span id="cascadeRestrictions-opt">
+  <input type="checkbox" class="enforcement_required" id="opt-cascadeRestrictions"><label for="opt-cascadeRestrictions" id="lbl-cascadeRestrictions">__MSG_CascadeRestrictions__</label>
+  </span>
  </div>

  <fieldset class="enforcement_required">
--- a/src/ui/options.js
+++ b/src/ui/options.js
@ -32,6 +32,8 @@
    return policy.autoAllowTop;
  });

+  opt("cascadeRestrictions");
+
  opt("xss");
  opt("xssScanRequestBody");
  opt("xssBlockUnscannedPOST");