Should fix some race conditions causing corruptions in non-HTML non-XML documents.

This commit is contained in:
hackademix 2020-09-07 23:18:51 +02:00
parent e0f46a2874
commit 9568584751
2 changed files with 11 additions and 1 deletions

View File

@ -33,6 +33,9 @@ class DocumentCSP {
let root = document.documentElement;
try {
if (!(document instanceof HTMLDocument)) {
if (!(document instanceof XMLDocument)) {
return false; // nothing to do with ImageDocument, for instance
}
// non-HTML XML documents ignore <meta> CSP unless wrapped in
// - <html><head></head></head> on Gecko
// - just <head></head> on Chromium

View File

@ -24,6 +24,7 @@
ns.on("capabilities", () => {
let {readyState} = document;
debug("Readystate: %s, suppressedScripts = %s, canScript = %s", readyState, DocumentFreezer.suppressedScripts, ns.canScript);
if (!ns.canScript) {
@ -45,6 +46,12 @@
try {
let doc = window.wrappedJSObject.document;
removeEventListener("DOMContentLoaded", softReload, true);
let isDir = document.querySelector("link[rel=stylesheet][href^='chrome:']")
&& document.querySelector(`base[href^="${url}"]`);
if (isDir || document.contentType !== "text/html") {
throw new Error(`Can't document.write() on ${isDir ? "directory listings" : document.contentType}`)
}
doc.open();
console.debug("Opened", doc.documentElement);
DocumentFreezer.unfreeze();
@ -55,7 +62,7 @@
debug("Written", html)
})();
} catch (e) {
debug("Can't use document.write(), XML document?");
debug("Can't use document.write(), XML document?", e);
try {
DocumentFreezer.unfreeze();
let scripts = [], deferred = [];