fix #1539

2017-09-11 09:53:42 -04:00 · 2017-09-11 09:53:42 -04:00 · dfe18111b9
parent 462406ecf1
commit dfe18111b9
2 changed files with 30 additions and 9 deletions
--- a/src/js/pagestore.js
+++ b/src/js/pagestore.js
@ -598,8 +598,10 @@ PageStore.prototype.filterRequest = function(context) {
        }
    }

-    if ( requestType === 'font' ) {
-        this.remoteFontCount += 1;
+    if ( requestType.endsWith('font') ) {
+        if ( requestType === 'font' ) {
+            this.remoteFontCount += 1;
+        }
        if ( µb.hnSwitches.evaluateZ('no-remote-fonts', context.rootHostname) !== false ) {
            if ( µb.logger.isEnabled() ) {
                this.logData = µb.hnSwitches.toLogData();
--- a/src/js/traffic.js
+++ b/src/js/traffic.js
@ -443,20 +443,17 @@ var injectCSP = function(pageStore, details) {
    if ( details.type !== 'main_frame' ) {
        context.pageHostname = context.pageDomain = context.requestHostname;
    }
+    context.requestURL = requestURL;

    // Start collecting policies >>>>>>>>

    // ======== built-in policies

+    var builtinDirectives = [];
+
    context.requestType = 'inline-script';
-    context.requestURL = requestURL;
    if ( pageStore.filterRequest(context) === 1 ) {
-        cspSubsets[0] = "script-src 'unsafe-eval' * blob: data:";
-        // https://bugs.chromium.org/p/chromium/issues/detail?id=669086
-        // TODO: remove when most users are beyond Chromium v56
-        if ( vAPI.chromiumVersion < 57 ) {
-            cspSubsets[0] += '; frame-src *';
-        }
+        builtinDirectives.push("script-src 'unsafe-eval' * blob: data:");
    }
    if ( loggerEnabled === true ) {
        logger.writeOne(
@ -470,6 +467,28 @@ var injectCSP = function(pageStore, details) {
        );
    }

+    // https://github.com/gorhill/uBlock/issues/1539
+    // - Use a CSP to also forbid inline fonts if remote fonts are blocked.
+    context.requestType = 'inline-font';
+    if ( pageStore.filterRequest(context) === 1 ) {
+        builtinDirectives.push('font-src *');
+        if ( loggerEnabled === true ) {
+            logger.writeOne(
+                tabId,
+                'net',
+                pageStore.logData,
+                'inline-font',
+                requestURL,
+                context.rootHostname,
+                context.pageHostname
+            );
+        }
+    }
+
+    if ( builtinDirectives.length !== 0 ) {
+        cspSubsets[0] = builtinDirectives.join('; ');
+    }
+
    // ======== filter-based policies

    // Static filtering.