mirror of https://github.com/gorhill/uBlock.git
prevent use of `url()` in injected styles
This commit is contained in:
parent
cdabab7da5
commit
41b20cac3f
|
@ -755,8 +755,9 @@ FilterContainer.prototype.isValidSelector = (function() {
|
||||||
}
|
}
|
||||||
|
|
||||||
var reHasSelector = /^(.+?):has\((.+?)\)$/;
|
var reHasSelector = /^(.+?):has\((.+?)\)$/;
|
||||||
var reStyleSelector = /^(.+?):style\((.+?)\)$/;
|
|
||||||
var reXpathSelector = /^:xpath\((.+?)\)$/;
|
var reXpathSelector = /^:xpath\((.+?)\)$/;
|
||||||
|
var reStyleSelector = /^(.+?):style\((.+?)\)$/;
|
||||||
|
var reStyleBad = /url\([^)]+\)/;
|
||||||
|
|
||||||
// Keep in mind: https://github.com/gorhill/uBlock/issues/693
|
// Keep in mind: https://github.com/gorhill/uBlock/issues/693
|
||||||
var isValidCSSSelector = function(s) {
|
var isValidCSSSelector = function(s) {
|
||||||
|
@ -793,7 +794,7 @@ FilterContainer.prototype.isValidSelector = (function() {
|
||||||
// `:style` selector?
|
// `:style` selector?
|
||||||
matches = reStyleSelector.exec(s);
|
matches = reStyleSelector.exec(s);
|
||||||
if ( matches !== null ) {
|
if ( matches !== null ) {
|
||||||
return isValidCSSSelector(matches[1]);
|
return isValidCSSSelector(matches[1]) && reStyleBad.test(matches[2]) === false;
|
||||||
}
|
}
|
||||||
// Special `script:` filter?
|
// Special `script:` filter?
|
||||||
if ( s.startsWith('script') ) {
|
if ( s.startsWith('script') ) {
|
||||||
|
|
Loading…
Reference in New Issue