[TabGuard] Remove Set-Cookie headers from anonymized requests to prevent unreversible authorization loss.

src/bg/RequestGuard.js

@@ -633,7 +633,6 @@ var RequestGuard = (() => {
       normalizeRequest(request);
       let result = ALLOW;
       let promises = [];
-      let headersModified = false;
 
       pending.headersProcessed = true;
       let {url, documentUrl, tabId, responseHeaders, type} = request;
@@ -658,6 +657,7 @@ var RequestGuard = (() => {
             capabilities && !capabilities.has("script"));
         }
         let header = csp.patchHeaders(responseHeaders, capabilities);
+        let headersModified = TabGuard.onReceive(request);
         /*
         // Uncomment me to disable networking-level CSP for debugging purposes
         header = null;

src/bg/TabGuard.js

@@ -55,6 +55,7 @@ var TabGuard = (() => {
 
   return {
     forget,
+    // must be called from a webRequest.onBeforeSendHeaders blocking listener
     onSend(request) {
       const mode = ns.sync.TabGuardMode;
       if (mode === "off" || !request.incognito && mode!== "global") return;
@@ -200,6 +201,21 @@ var TabGuard = (() => {
         return mustFilter ? filterAuth() : null;
       })();
     },
+    // must be called from a webRequest.onHeadersReceived blocking listener
+    onReceive(request) {
+      if (!anonymizedRequests.has(request.id)) return false;
+      let headersModified = false;
+      let {responseHeaders} = request;
+      for (let j = responseHeaders.length; j-- > 0;) {
+        let h = responseHeaders[j];
+        if (h.name.toLowerCase() === "set-cookie") {
+          responseHeaders.splice(j, 1);
+          headersModified = true;
+        }
+      }
+      return headersModified;
+    },
+    // must be called after response headers have been processed or the load has been otherwise terminated
     onCleanup(request) {
       let {requestId, tabId} = request;
       if (scheduledCuts.has(requestId)) {