More robust policy fetching.

2022-02-13 00:16:24 +01:00 · 2022-02-13 00:16:24 +01:00 · b27771aef0
parent b6383d248d
commit b27771aef0
3 changed files with 16 additions and 13 deletions
--- a/src/bg/RequestGuard.js
+++ b/src/bg/RequestGuard.js
@ -668,6 +668,7 @@ var RequestGuard = (() => {
        ns.domPolicy = domPolicy;
        if (ns.setup) {
          if (ns.syncSetup) ns.syncSetup(domPolicy);
+          else ns.setup(domPolicy);
        } ;
      } else {
        window.ns = {domPolicy}
--- a/src/content/staticNS.js
+++ b/src/content/staticNS.js
@ -75,10 +75,11 @@
      if (this.syncFetchPolicy) {
        // extra hops to ensure that scripts don't run when CSP has not been set through HTTP headers
        this.syncFetchPolicy();
-      } else {
-        this.pendingSyncFetchPolicy = true;
+        return;
      }

+      this.pendingSyncFetchPolicy = true;
+
      if (!sync) {
        queueMicrotask(() => this.fetchPolicy(true));
        return;
--- a/src/content/syncFetchPolicy.js
+++ b/src/content/syncFetchPolicy.js
@ -22,6 +22,9 @@

 (window.ns || (window.ns = {})).syncFetchPolicy = function() {

+  ns.pendingSyncFetchPolicy = false;
+  ns.syncFetchPolicy = () => {};
+
  let url = document.URL;

  // Here we've got no CSP header yet (file: or ftp: URL), we need one
@ -32,18 +35,17 @@

  if (window.wrappedJSObject) {
    if (top === window) {
+      let persistentPolicy = null;
      ns.syncSetup = policy => {
-        if (!ns.setup(policy)) return;
-        if (top === window && window.wrappedJSObject) {
-          let persistentPolicy = JSON.stringify(policy);
-          Object.freeze(persistentPolicy);
-          try {
-            Object.defineProperty(window.wrappedJSObject, "_noScriptPolicy", {value: cloneInto(persistentPolicy, window)});
-          } catch(e) {
-            error(e);
-          }
+        if (persistentPolicy) return;
+        ns.setup(policy);
+        persistentPolicy = JSON.stringify(policy);
+        Object.freeze(persistentPolicy);
+        try {
+          Object.defineProperty(window.wrappedJSObject, "_noScriptPolicy", {value: cloneInto(persistentPolicy, window)});
+        } catch(e) {
+          error(e);
        }
-        ns.syncSetup = () => {};
      };
    } else try {
      if (top.wrappedJSObject._noScriptPolicy) {
@ -239,6 +241,5 @@
 };

 if (ns.pendingSyncFetchPolicy) {
-  ns.pendingSyncFetchPolicy = false;
  ns.syncFetchPolicy();
 }