More robust policy fetching.
This commit is contained in:
hackademix
parent
b6383d248d
commit
b27771aef0
|
|
@ -668,6 +668,7 @@ var RequestGuard = (() => {
|
||||||
ns.domPolicy = domPolicy;
|
ns.domPolicy = domPolicy;
|
||||||
if (ns.setup) {
|
if (ns.setup) {
|
||||||
if (ns.syncSetup) ns.syncSetup(domPolicy);
|
if (ns.syncSetup) ns.syncSetup(domPolicy);
|
||||||
|
else ns.setup(domPolicy);
|
||||||
} ;
|
} ;
|
||||||
} else {
|
} else {
|
||||||
window.ns = {domPolicy}
|
window.ns = {domPolicy}
|
||||||
|
|
|
||||||
|
|
@ -75,10 +75,11 @@
|
||||||
if (this.syncFetchPolicy) {
|
if (this.syncFetchPolicy) {
|
||||||
// extra hops to ensure that scripts don't run when CSP has not been set through HTTP headers
|
// extra hops to ensure that scripts don't run when CSP has not been set through HTTP headers
|
||||||
this.syncFetchPolicy();
|
this.syncFetchPolicy();
|
||||||
} else {
|
return;
|
||||||
this.pendingSyncFetchPolicy = true;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
this.pendingSyncFetchPolicy = true;
|
||||||
|
|
||||||
if (!sync) {
|
if (!sync) {
|
||||||
queueMicrotask(() => this.fetchPolicy(true));
|
queueMicrotask(() => this.fetchPolicy(true));
|
||||||
return;
|
return;
|
||||||
|
|
|
||||||
|
|
@ -22,6 +22,9 @@
|
||||||
|
|
||||||
(window.ns || (window.ns = {})).syncFetchPolicy = function() {
|
(window.ns || (window.ns = {})).syncFetchPolicy = function() {
|
||||||
|
|
||||||
|
ns.pendingSyncFetchPolicy = false;
|
||||||
|
ns.syncFetchPolicy = () => {};
|
||||||
|
|
||||||
let url = document.URL;
|
let url = document.URL;
|
||||||
|
|
||||||
// Here we've got no CSP header yet (file: or ftp: URL), we need one
|
// Here we've got no CSP header yet (file: or ftp: URL), we need one
|
||||||
|
|
@ -32,18 +35,17 @@
|
||||||
|
|
||||||
if (window.wrappedJSObject) {
|
if (window.wrappedJSObject) {
|
||||||
if (top === window) {
|
if (top === window) {
|
||||||
|
let persistentPolicy = null;
|
||||||
ns.syncSetup = policy => {
|
ns.syncSetup = policy => {
|
||||||
if (!ns.setup(policy)) return;
|
if (persistentPolicy) return;
|
||||||
if (top === window && window.wrappedJSObject) {
|
ns.setup(policy);
|
||||||
let persistentPolicy = JSON.stringify(policy);
|
persistentPolicy = JSON.stringify(policy);
|
||||||
Object.freeze(persistentPolicy);
|
Object.freeze(persistentPolicy);
|
||||||
try {
|
try {
|
||||||
Object.defineProperty(window.wrappedJSObject, "_noScriptPolicy", {value: cloneInto(persistentPolicy, window)});
|
Object.defineProperty(window.wrappedJSObject, "_noScriptPolicy", {value: cloneInto(persistentPolicy, window)});
|
||||||
} catch(e) {
|
} catch(e) {
|
||||||
error(e);
|
error(e);
|
||||||
}
|
|
||||||
}
|
}
|
||||||
ns.syncSetup = () => {};
|
|
||||||
};
|
};
|
||||||
} else try {
|
} else try {
|
||||||
if (top.wrappedJSObject._noScriptPolicy) {
|
if (top.wrappedJSObject._noScriptPolicy) {
|
||||||
|
|
@ -239,6 +241,5 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
if (ns.pendingSyncFetchPolicy) {
|
if (ns.pendingSyncFetchPolicy) {
|
||||||
ns.pendingSyncFetchPolicy = false;
|
|
||||||
ns.syncFetchPolicy();
|
ns.syncFetchPolicy();
|
||||||
}
|
}
|
||||||
Loading…
Reference in New Issue