summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorhackademix2020-01-08 15:45:02 +0100
committerhackademix2020-01-08 15:45:02 +0100
commit34746e8be45aeb4b928a259a54e47492cf5f64af (patch)
tree8f075e5507e287be759a89199f15d86fb611920b
parentae8317da006bf21bd5046fe6f782c9b2d5b131d4 (diff)
downloadnoscript-34746e8be45aeb4b928a259a54e47492cf5f64af.tar.gz
noscript-34746e8be45aeb4b928a259a54e47492cf5f64af.tar.xz
noscript-34746e8be45aeb4b928a259a54e47492cf5f64af.zip
Unrestricted tab support for service workers and their included 3rd party scripts.
-rw-r--r--src/bg/RequestGuard.js20
1 files changed, 15 insertions, 5 deletions
diff --git a/src/bg/RequestGuard.js b/src/bg/RequestGuard.js
index b3c8956..10ccfdb 100644
--- a/src/bg/RequestGuard.js
+++ b/src/bg/RequestGuard.js
@@ -308,7 +308,7 @@ var RequestGuard = (() => {
let {policy} = ns;
let policyType = policyTypesMap[request.type];
if (policyType) {
- let {url, originUrl, documentUrl} = request;
+ let {url, originUrl, documentUrl, tabId} = request;
let isFetch = "fetch" === policyType;
if ((isFetch || "frame" === policyType) &&
@@ -329,13 +329,23 @@ var RequestGuard = (() => {
request._dataUrl = url;
request.url = url = documentUrl;
}
- let allowed = Sites.isInternal(url) ||
- !ns.isEnforced(request.tabId) ||
- intersectCapabilities(
+
+ let allowed = Sites.isInternal(url);
+ if (!allowed) {
+ if (tabId < 0 && documentUrl && documentUrl.startsWith("https://")) {
+ let origin = Sites.origin(documentUrl);
+ allowed = [...ns.unrestrictedTabs]
+ .some(tabId => TabStatus.hasOrigin(tabId, origin));
+ } else {
+ allowed = !ns.isEnforced(tabId);
+ }
+ if (!allowed) {
+ allowed = intersectCapabilities(
policy.get(url, documentUrl).perms,
request
).has(policyType);
-
+ }
+ }
Content.reportTo(request, allowed, policyType);
if (!allowed) {
debug(`Blocking ${policyType}`, request);