From 2d14874d69f3311374292cad91f82ea4d51c9fa5 Mon Sep 17 00:00:00 2001 From: Raymond Hill Date: Sun, 31 Dec 2017 19:25:50 -0500 Subject: [PATCH] code review for deeb211c5d489af0 --- src/js/contentscript-start.js | 3 ++- src/js/messaging.js | 21 +++++++++------------ src/js/traffic.js | 4 ++-- 3 files changed, 13 insertions(+), 15 deletions(-) diff --git a/src/js/contentscript-start.js b/src/js/contentscript-start.js index 605b89c..cb35321 100644 --- a/src/js/contentscript-start.js +++ b/src/js/contentscript-start.js @@ -36,7 +36,8 @@ { what: 'securityPolicyViolation', policy: ev.originalPolicy, - url: ev.documentURI + blockedURI: ev.blockedURI, + documentURI: ev.documentURI } ); }); diff --git a/src/js/messaging.js b/src/js/messaging.js index c77e129..28a8e52 100644 --- a/src/js/messaging.js +++ b/src/js/messaging.js @@ -514,6 +514,7 @@ var onMessage = function(request, sender, callback) { var tabId = sender && sender.tab ? sender.tab.id || 0 : 0, tabContext = µm.tabContextManager.lookup(tabId), + rootHostname = tabContext && tabContext.rootHostname, pageStore = µm.pageStoreFromTabId(tabId); // Sync @@ -535,8 +536,8 @@ var onMessage = function(request, sender, callback) { case 'mustRenderNoscriptTags?': if ( tabContext === null ) { break; } response = - µm.tMatrix.mustBlock(tabContext.rootHostname, tabContext.rootHostname, 'script') && - µm.tMatrix.evaluateSwitchZ('noscript-spoof', tabContext.rootHostname); + µm.tMatrix.mustBlock(rootHostname, rootHostname, 'script') && + µm.tMatrix.evaluateSwitchZ('noscript-spoof', rootHostname); if ( pageStore !== null ) { pageStore.hasNoscriptTags = true; } @@ -544,25 +545,21 @@ var onMessage = function(request, sender, callback) { case 'securityPolicyViolation': if ( request.policy !== µm.cspNoWorkerSrc ) { break; } + var url = µm.URI.hostnameFromURI(request.blockedURI) !== '' ? + request.blockedURI : + request.documentURI; if ( pageStore !== null ) { pageStore.hasWebWorkers = true; - pageStore.recordRequest('script', request.url, true); + pageStore.recordRequest('script', url, true); } if ( tabContext !== null ) { - µm.logger.writeOne( - tabId, - 'net', - tabContext.rootHostname, - request.url, - 'worker', - true - ); + µm.logger.writeOne(tabId, 'net', rootHostname, url, 'worker', true); } break; case 'shutdown?': if ( tabContext !== null ) { - response = µm.tMatrix.evaluateSwitchZ('matrix-off', tabContext.rootHostname); + response = µm.tMatrix.evaluateSwitchZ('matrix-off', rootHostname); } break; diff --git a/src/js/traffic.js b/src/js/traffic.js index 79be08e..efd4909 100644 --- a/src/js/traffic.js +++ b/src/js/traffic.js @@ -313,7 +313,7 @@ var onHeadersReceived = function(details) { if ( µm.cspNoWorkerSrc === undefined ) { µm.cspNoWorkerSrc = vAPI.webextFlavor.startsWith('Mozilla-') ? - "child-src 'none'; frame-src data: blob: *" : + "child-src 'none';frame-src data: blob: *" : "worker-src 'none'" ; } @@ -334,7 +334,7 @@ var onHeadersReceived = function(details) { // A CSP header is already present: just add our own directive as a // separate disposition (i.e. use comma). if ( i !== -1 ) { - headers[i].value += ', ' + cspDirectives; + headers[i].value += ',' + cspDirectives; } else { headers.push({ name: 'Content-Security-Policy', value: cspDirectives }); }