diff options
| author | hackademix | 2018-11-24 23:43:32 +0100 |
|---|---|---|
| committer | hackademix | 2018-11-24 23:43:32 +0100 |
| commit | 83979c532e04c5afc53ecad25f6662ef7ae72874 (patch) | |
| tree | 2efed50171a16e921451787f98087b08ae97de4f /src/bg/RequestGuard.js | |
| parent | 1dcbc7ebfcd82667240bfad44d5be158757350e0 (diff) | |
| download | noscript-83979c532e04c5afc53ecad25f6662ef7ae72874.tar.gz noscript-83979c532e04c5afc53ecad25f6662ef7ae72874.tar.xz noscript-83979c532e04c5afc53ecad25f6662ef7ae72874.zip | |
Allow extensions to perform origin-less fetching and framing (issue #41).
Diffstat (limited to 'src/bg/RequestGuard.js')
| -rw-r--r-- | src/bg/RequestGuard.js | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/bg/RequestGuard.js b/src/bg/RequestGuard.js index 55a78c8..8214a3d 100644 --- a/src/bg/RequestGuard.js +++ b/src/bg/RequestGuard.js @@ -264,7 +264,10 @@ var RequestGuard = (() => { if (policyType) { let {url, originUrl, documentUrl} = request; if (("fetch" === policyType || "frame" === policyType) && - (url === originUrl && originUrl === documentUrl || + (((!originUrl || url === originUrl) && originUrl === documentUrl + // some extensions make them both undefined, + // see https://github.com/eight04/image-picka/issues/150 + ) || INTERNAL_SCHEME.test(originUrl)) ) { // livemark request or similar browser-internal, always allow; |