Mirrors
/
noscript
mirror of https://github.com/hackademix/noscript.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Version bump: 10.1.8.23rc1.

This commit is contained in:
hackademix 2018-08-25 11:32:25 +02:00
parent 036cb5d646 a1e567e9ec
commit c646f09a2b
3 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/bg/RequestGuard.js
View File

@ -425,23 +425,25 @@ var RequestGuard = (() => {
(!content.type || /^\s*(?:video|audio|application)\//.test(content.type))) { (!content.type || /^\s*(?:video|audio|application)\//.test(content.type))) {
debug(`Suspicious content type "%s" in request %o with capabilities %o`, debug(`Suspicious content type "%s" in request %o with capabilities %o`,
content.type, request, capabilities); content.type, request, capabilities);
blockedTypes = CSP.types.filter(t => !capabilities.has(t)); blockedTypes = new Set(CSP.types.filter(t => !capabilities.has(t)));
} else if(!canScript) { } else if(!canScript) {
blockedTypes = ["script"]; blockedTypes = new Set(["script"]);
forbidData.add("object"); // data: URIs loaded in objects may run scripts forbidData.add("object"); // data: URIs loaded in objects may run scripts
} else {
blockedTypes = new Set();
} }
for (let type of forbidData) { // object, font, media for (let type of forbidData) { // object, font, media
if (blockedTypes.includes(type)) continue; if (blockedTypes.has(type)) continue;
// HTTP is blocked in onBeforeRequest, let's allow it only and block // HTTP is blocked in onBeforeRequest, let's allow it only and block
// for instance data: and blob: URIs // for instance data: and blob: URIs
let dataBlocker = {name: type, value: "http: https:"}; let dataBlocker = {name: type, value: "http: https:"};
if (blockedTypes) blockedTypes.push(dataBlocker) blockedTypes.add(dataBlocker)
else blockedTypes = [dataBlocker];
} }
debug("Blocked types", blockedTypes);
if (blockedTypes && blockedTypes.length) { if (blockedTypes.size) {
debug("Blocked types", blockedTypes);
blocker = CSP.createBlocker(...blockedTypes); blocker = CSP.createBlocker(...blockedTypes);
} }

1
src/content/content.js
View File

@ -180,7 +180,6 @@ async function init(oldPage = false) {
if (canScript) { if (canScript) {
if (oldPage) { if (oldPage) {
probe(); probe();
setTimeout(() => init(), 200);
return; return;
} }
if (!shouldScript && if (!shouldScript &&

2
src/manifest.json
View File

@ -8,7 +8,7 @@
"strict_min_version": "59.0" "strict_min_version": "59.0"
} }
}, },
"version": "10.1.8.21", "version": "10.1.8.23rc1",
"description": "__MSG_Description__", "description": "__MSG_Description__",
"content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'none'", "content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'none'",