summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorhackademix2018-07-25 11:08:43 +0200
committerhackademix2018-07-25 11:08:43 +0200
commitd88a0cf6d76408be4455d8e6a1ba5cb55bd6b8b7 (patch)
tree1f6c82409b6fd43cd92ddcdffda2fea6125bbb47
parent391c8b402a2a1a103db8f232ecde65410f82c9ef (diff)
downloadnoscript-d88a0cf6d76408be4455d8e6a1ba5cb55bd6b8b7.tar.gz
noscript-d88a0cf6d76408be4455d8e6a1ba5cb55bd6b8b7.tar.xz
noscript-d88a0cf6d76408be4455d8e6a1ba5cb55bd6b8b7.zip
Fixed infinite reload loops on scripting permissions mismatches.
-rw-r--r--src/bg/RequestGuard.js2
-rw-r--r--src/content/content.js18
2 files changed, 13 insertions, 7 deletions
diff --git a/src/bg/RequestGuard.js b/src/bg/RequestGuard.js
index 8191f3e..688bcc0 100644
--- a/src/bg/RequestGuard.js
+++ b/src/bg/RequestGuard.js
@@ -269,7 +269,7 @@ var RequestGuard = (() => {
let records = TabStatus.map.get(tabId);
let noscriptFrames = records && records.noscriptFrames;
let canScript = !(noscriptFrames && noscriptFrames[sender.frameId]);
- let shouldScript = ns.isEnforced(tabId) && ns.policy.can(url, "script");
+ let shouldScript = !ns.isEnforced(tabId) || ns.policy.can(url, "script");
debug("Frame %s %s of %o, canScript: %s, shouldScript: %s", frameId, url, noscriptFrames, canScript, shouldScript);
return {canScript, shouldScript};
}
diff --git a/src/content/content.js b/src/content/content.js
index a2bb4d9..dd847f0 100644
--- a/src/content/content.js
+++ b/src/content/content.js
@@ -87,11 +87,15 @@ let notifyPage = () => {
}
var queryingCanScript = false;
-var caps = {};
+
+function reload(noCache = false) {
+ init = () => {};
+ location.reload(noCache);
+}
async function init(oldPage = false) {
if (queryingCanScript) return;
- if (document.URL === "about:blank") {
+ if (!document.URL.startsWith("http")) {
return;
}
queryingCanScript = true;
@@ -105,12 +109,13 @@ async function init(oldPage = false) {
if (canScript) {
if (oldPage) {
probe();
- setTimeout(() => init(), 100);
+ setTimeout(() => init(), 200);
return;
}
if (!shouldScript) {
// Something wrong: scripts can run, permissions say they shouldn't.
// Was webRequest bypassed by caching/session restore/service workers?
+ window.stop();
let noCache = !!navigator.serviceWorker.controller;
if (noCache) {
for (let r of await navigator.serviceWorker.getRegistrations()) {
@@ -118,7 +123,7 @@ async function init(oldPage = false) {
}
}
debug("Reloading %s (%s)", document.URL, noCache ? "no cache" : "cached");
- location.reload(noCache);
+ reload(noCache);
return;
}
}
@@ -129,7 +134,8 @@ async function init(oldPage = false) {
if (!oldPage &&
/Receiving end does not exist/.test(e.message)) {
// probably startup and bg page not ready yet, hence no CSP: reload!
- location.reload(false);
+ debug("Reloading", document.URL);
+ reload();
} else {
setTimeout(() => init(oldPage), 100);
}
@@ -162,4 +168,4 @@ async function init(oldPage = false) {
// document.write("<plaintext>");
}
notifyPage() || addEventListener("pageshow", notifyPage);
-};
+}