diff options
author | hackademix | 2019-03-15 23:55:18 +0100 |
---|---|---|
committer | hackademix | 2019-03-15 23:55:50 +0100 |
commit | 921a7910f078ebdb963c047fd6a1b5a6d0231c31 (patch) | |
tree | 9fe330b14f60becd800670c55419b82c15a1c80f | |
parent | c3c3a6a76921594d130d1cd638c5111cea820145 (diff) | |
download | noscript-921a7910f078ebdb963c047fd6a1b5a6d0231c31.tar.gz noscript-921a7910f078ebdb963c047fd6a1b5a6d0231c31.tar.xz noscript-921a7910f078ebdb963c047fd6a1b5a6d0231c31.zip |
"General/Cascade top document's restrictions to subdocuments" option (default true on the Tor Browser).
-rw-r--r-- | src/_locales/en/messages.json | 3 | ||||
-rw-r--r-- | src/bg/Defaults.js | 1 | ||||
-rw-r--r-- | src/bg/RequestGuard.js | 2 | ||||
-rw-r--r-- | src/bg/Settings.js | 20 | ||||
-rw-r--r-- | src/ui/options.html | 4 | ||||
-rw-r--r-- | src/ui/options.js | 2 |
6 files changed, 25 insertions, 7 deletions
diff --git a/src/_locales/en/messages.json b/src/_locales/en/messages.json index 13ab4c3..ec826a9 100644 --- a/src/_locales/en/messages.json +++ b/src/_locales/en/messages.json @@ -74,6 +74,9 @@ "CascadePermissions": { "message": "Cascade top document's permissions to 3rd party scripts" }, + "CascadeRestrictions": { + "message": "Cascade top document's restrictions to subdocuments" + }, "ClearClickDescription": { "message": "NoScript intercepted a mouse or keyboard interaction with a partially hidden element. Click on the image below to cycle between the obstructed and the clear version." }, diff --git a/src/bg/Defaults.js b/src/bg/Defaults.js index e30380b..f1b9a18 100644 --- a/src/bg/Defaults.js +++ b/src/bg/Defaults.js @@ -12,6 +12,7 @@ var Defaults = { sync: {
global: false,
xss: true,
+ cascadeRestrictions : false,
xssScanRequestBody: true,
xssBlockUnscannedPOST: false,
overrideTorBrowserPolicy: false, // note: Settings.update() on reset will flip this to true
diff --git a/src/bg/RequestGuard.js b/src/bg/RequestGuard.js index 2f590dc..e7be814 100644 --- a/src/bg/RequestGuard.js +++ b/src/bg/RequestGuard.js @@ -326,7 +326,7 @@ var RequestGuard = (() => { capabilities = perms.capabilities; } else { capabilities = perms.capabilities; - if (frameAncestors.length > 0) { + if (frameAncestors.length > 0 && ns.sync.cascadeRestrictions) { // cascade top document's restrictions to subframes let topUrl = frameAncestors.pop().url; let topPerms = policy.get(topUrl, topUrl).perms; diff --git a/src/bg/Settings.js b/src/bg/Settings.js index 3efc4ad..c0af149 100644 --- a/src/bg/Settings.js +++ b/src/bg/Settings.js @@ -91,6 +91,7 @@ var Settings = { if (isTorBrowser) { // Tor Browser-specific settings ns.defaults.local.isTorBrowser = true; // prevents reset from forgetting + ns.defaults.sync.cascadeRestrictions = true; // we want this to be the default even on reset if (!this.gotTorBrowserInit) { // First initialization message from the Tor Browser this.gotTorBrowserInit = true; @@ -105,11 +106,20 @@ var Settings = { } else { reloadOptionsUI = true; } - if (!settings.local) settings.local = {}; - settings.local.isTorBrowser = true; - if (!settings.sync) settings.sync = {}; - settings.sync.xssScanRequestBody = false; - settings.sync.xssBlockUnscannedPOST = true; + + let torBrowserSettings = { + local: { + isTorBrowser: true, + }, + sync: { + cascadeRestrictions: true, + xssScanRequestBody: false, + xssBlockUnscannedPOST: true, + } + } + for (let [storage, prefs] of Object.entries(torBrowserSettings)) { + settings[storage] = Object.assign(settings[storage] || {}, prefs); + } } if (settings.sync === null) { diff --git a/src/ui/options.html b/src/ui/options.html index a80dece..9ffaa69 100644 --- a/src/ui/options.html +++ b/src/ui/options.html @@ -44,7 +44,9 @@ <span id="auto-opt"> <input type="checkbox" class="enforcement_required" id="opt-auto"><label for="opt-auto" id="lbl-auto">__MSG_AutoAllowTopLevel__</label> </span> - + <span id="cascadeRestrictions-opt"> + <input type="checkbox" class="enforcement_required" id="opt-cascadeRestrictions"><label for="opt-cascadeRestrictions" id="lbl-cascadeRestrictions">__MSG_CascadeRestrictions__</label> + </span> </div> <fieldset class="enforcement_required"> diff --git a/src/ui/options.js b/src/ui/options.js index 7a9ca2b..1932269 100644 --- a/src/ui/options.js +++ b/src/ui/options.js @@ -32,6 +32,8 @@ return policy.autoAllowTop; }); + opt("cascadeRestrictions"); + opt("xss"); opt("xssScanRequestBody"); opt("xssBlockUnscannedPOST"); |