mirror of https://github.com/gorhill/uBlock.git
Safari: inline-script blocking!
This commit is contained in:
parent
82b97760db
commit
82118cb075
|
@ -700,10 +700,10 @@
|
|||
// Until Safari has more specific events, those are instead handled
|
||||
// in the onBeforeRequestAdapter; clean them up so they're garbage-collected
|
||||
vAPI.net.onBeforeSendHeaders = null;
|
||||
vAPI.net.onHeadersReceived = null;
|
||||
|
||||
var onBeforeRequest = vAPI.net.onBeforeRequest,
|
||||
onBeforeRequestClient = onBeforeRequest.callback,
|
||||
onHeadersReceivedClient = vAPI.net.onHeadersReceived.callback,
|
||||
blockableTypes = onBeforeRequest.types;
|
||||
|
||||
var onBeforeRequestAdapter = function(e) {
|
||||
|
@ -719,9 +719,10 @@
|
|||
});
|
||||
e.message.hostname = µb.URI.hostnameFromURI(e.message.url);
|
||||
e.message.tabId = vAPI.tabs.getTabId(e.target);
|
||||
var blockVerdict = onBeforeRequestClient(e.message);
|
||||
if(blockVerdict && blockVerdict.redirectUrl) {
|
||||
e.target.url = blockVerdict.redirectUrl;
|
||||
e.message.responseHeaders = [];
|
||||
onBeforeRequestClient(e.message);
|
||||
var blockVerdict = onHeadersReceivedClient(e.message);
|
||||
if(blockVerdict && blockVerdict.responseHeaders) {
|
||||
e.message = false;
|
||||
}
|
||||
else {
|
||||
|
|
|
@ -174,8 +174,9 @@
|
|||
}
|
||||
|
||||
// Inform that we've navigated
|
||||
var shouldBlockScript = false;
|
||||
if(frameId === 0) {
|
||||
safari.self.tab.canLoad(beforeLoadEvent, {
|
||||
shouldBlockScript = !safari.self.tab.canLoad(beforeLoadEvent, {
|
||||
url: location.href,
|
||||
type: "main_frame"
|
||||
});
|
||||
|
@ -225,6 +226,12 @@
|
|||
var firstMutation = function() {
|
||||
document.removeEventListener("DOMContentLoaded", firstMutation, true);
|
||||
firstMutation = false;
|
||||
if(shouldBlockScript) {
|
||||
var meta = document.createElement('meta');
|
||||
meta.setAttribute("http-equiv", "content-security-policy");
|
||||
meta.setAttribute("content", "script-src 'unsafe-eval' *");
|
||||
}
|
||||
document.documentElement.insertBefore(meta, document.documentElement.firstChild);
|
||||
document.addEventListener(vAPI.sessionId, function(e) {
|
||||
if(shouldBlockDetailedRequest(e.detail)) {
|
||||
e.detail.url = false;
|
||||
|
|
Loading…
Reference in New Issue