summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorhackademix2019-04-08 15:46:52 +0200
committerhackademix2019-04-08 15:46:52 +0200
commit7ab201e13360dbd118a98ab46cf226bb1d249517 (patch)
treefff0ba700f45d23da0f293f85e34c3dff01ed214
parenta489c192d6ab3bc70cf6af90f4a60c04a2a76a9d (diff)
downloadnoscript-7ab201e13360dbd118a98ab46cf226bb1d249517.tar.gz
noscript-7ab201e13360dbd118a98ab46cf226bb1d249517.tar.xz
noscript-7ab201e13360dbd118a98ab46cf226bb1d249517.zip
Catch SecurityException thrown on cross-origin wrappedJSObject access.
-rw-r--r--src/content/staticNS.js7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/content/staticNS.js b/src/content/staticNS.js
index 3561162..7959341 100644
--- a/src/content/staticNS.js
+++ b/src/content/staticNS.js
@@ -69,7 +69,12 @@
// The cookie hack won't work for non-HTTP subframes (issue #48),
// or the cookie might have been deleted in a race condition,
// so here we try to check the parent
- let checkParent = parent.wrappedJSObject.checkNoScriptUnrestricted;
+ let checkParent = null;
+ try {
+ checkParent = parent.wrappedJSObject.checkNoScriptUnrestricted;
+ } catch (e) {
+ // may throw a SecurityException for cross-origin wrappedJSObject access
+ }
if (typeof checkParent === "function") {
try {
let challenge = uuid();