summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorhackademix2019-09-30 07:33:22 +0200
committerhackademix2019-09-30 07:37:03 +0200
commitf9f116e65cacc44de9148ed0d81773c7dc082417 (patch)
tree75d742086940b4655d03e7312669d014d11bfe58
parent6c60ab2710b90f9eac993357281d55c6dd073118 (diff)
downloadnoscript-f9f116e65cacc44de9148ed0d81773c7dc082417.tar.gz
noscript-f9f116e65cacc44de9148ed0d81773c7dc082417.tar.xz
noscript-f9f116e65cacc44de9148ed0d81773c7dc082417.zip
Fix CSP violation reporting management of "fake" blocked-uri like "eval".
-rw-r--r--src/bg/RequestGuard.js2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/bg/RequestGuard.js b/src/bg/RequestGuard.js
index 3936df9..8f4df67 100644
--- a/src/bg/RequestGuard.js
+++ b/src/bg/RequestGuard.js
@@ -443,7 +443,7 @@ var RequestGuard = (() => {
let blockedURI = report['blocked-uri'];
if (blockedURI && blockedURI !== 'self') {
let r = fakeRequestFromCSP(report, request);
- if (r.url === 'inline') r.url = request.documentUrl;
+ if (!/:/.test(r.url)) r.url = request.documentUrl;
Content.reportTo(r, false, policyTypesMap[r.type]);
TabStatus.record(r, "blocked");
} else if (report["violated-directive"] === "script-src" && /; script-src 'none'/.test(report["original-policy"])) {