Mirrors
/
noscript
mirror of https://github.com/hackademix/noscript.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Always use correct context when setting CSP headers.

This commit is contained in:
hackademix 2022-02-14 18:50:02 +01:00
parent 3e53483c88
commit 9c7fd70d57
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/bg/RequestGuard.js
View File

@ -536,7 +536,7 @@ var RequestGuard = (() => {
let capabilities; let capabilities;
if (ns.isEnforced(tabId)) { if (ns.isEnforced(tabId)) {
let policy = ns.policy; let policy = ns.policy;
let perms = policy.get(url, documentUrl).perms; let {perms} = policy.get(url, ns.policyContext(request));
if (isMainFrame) { if (isMainFrame) {
if (policy.autoAllowTop && perms === policy.DEFAULT) { if (policy.autoAllowTop && perms === policy.DEFAULT) {
policy.set(Sites.optimalKey(url), perms = policy.TRUSTED.tempTwin); policy.set(Sites.optimalKey(url), perms = policy.TRUSTED.tempTwin);