summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorhackademix2018-08-22 18:02:44 +0200
committerhackademix2018-08-22 18:02:44 +0200
commit66ddfcbecc6478f20ac3d9e50d66872e29bd4695 (patch)
tree3abcfb0b110c21d870a5fbf86e85b6ad5c0a6307
parent075a5ad0e0f9b4f9af614194d9c8d21d0ed45184 (diff)
downloadnoscript-66ddfcbecc6478f20ac3d9e50d66872e29bd4695.tar.gz
noscript-66ddfcbecc6478f20ac3d9e50d66872e29bd4695.tar.xz
noscript-66ddfcbecc6478f20ac3d9e50d66872e29bd4695.zip
Fix: Sites.domainImplies() should match subdomains.
-rw-r--r--src/common/Policy.js13
1 files changed, 7 insertions, 6 deletions
diff --git a/src/common/Policy.js b/src/common/Policy.js
index 24c3179..dae369a 100644
--- a/src/common/Policy.js
+++ b/src/common/Policy.js
@@ -25,13 +25,14 @@ var {Permissions, Policy, Sites} = (() => {
static originImplies(originKey, site) {
return originKey === site || site.startsWith(`${originKey}/`);
}
- static domainImplies(domainKey, site, protocol = null) {
- if (!protocol) {
- return (Sites.isSecureDomainKey(domainKey))
- ? Sites.domainImplies(Sites.toggleSecureDomainKey(domainKey, false), site, "https")
- : ["http", "https"].some(protocol => Sites.domainImplies(domainKey, site, protocol));
+
+ static domainImplies(domainKey, site, protocol ="https?") {
+ if (Sites.isSecureDomainKey(domainKey)) {
+ protocol = "https";
+ domainKey = Sites.toggleSecureDomainKey(domainKey, false);
}
- return Sites.originImplies(`${protocol}://${domainKey}`, site);
+ return new RegExp(`^${protocol}://([^/?#:]+\\.)?${domainKey.replace(/\./g, "\\.")}(?:[:/]|$)`)
+ .test(site);
}
static isImplied(site, byKey) {