Fix CSP violation reporting management of "fake" blocked-uri like "eval".

author: hackademix 2019-09-30 07:33:22 +0200
committer: hackademix 2019-09-30 07:37:03 +0200
commit: f9f116e65cacc44de9148ed0d81773c7dc082417 (patch)
tree: 75d742086940b4655d03e7312669d014d11bfe58 /src/bg
parent: 6c60ab2710b90f9eac993357281d55c6dd073118 (diff)
download: noscript-f9f116e65cacc44de9148ed0d81773c7dc082417.tar.gz
noscript-f9f116e65cacc44de9148ed0d81773c7dc082417.tar.xz
noscript-f9f116e65cacc44de9148ed0d81773c7dc082417.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/bg/RequestGuard.js b/src/bg/RequestGuard.js
index 3936df9..8f4df67 100644
--- a/src/bg/RequestGuard.js
+++ b/src/bg/RequestGuard.js
@@ -443,7 +443,7 @@ var RequestGuard = (() => {
       let blockedURI = report['blocked-uri'];
       if (blockedURI && blockedURI !== 'self') {
         let r = fakeRequestFromCSP(report, request);
-        if (r.url === 'inline') r.url = request.documentUrl;
+        if (!/:/.test(r.url)) r.url = request.documentUrl;
         Content.reportTo(r, false, policyTypesMap[r.type]);
         TabStatus.record(r, "blocked");
       } else if (report["violated-directive"] === "script-src" && /; script-src 'none'/.test(report["original-policy"])) {
author	hackademix	2019-09-30 07:33:22 +0200
committer	hackademix	2019-09-30 07:37:03 +0200
commit	f9f116e65cacc44de9148ed0d81773c7dc082417 (patch)
tree	75d742086940b4655d03e7312669d014d11bfe58 /src/bg
parent	6c60ab2710b90f9eac993357281d55c6dd073118 (diff)
download	noscript-f9f116e65cacc44de9148ed0d81773c7dc082417.tar.gz noscript-f9f116e65cacc44de9148ed0d81773c7dc082417.tar.xz noscript-f9f116e65cacc44de9148ed0d81773c7dc082417.zip