summaryrefslogtreecommitdiff
path: root/src/common
diff options
context:
space:
mode:
authorhackademix2018-08-28 23:28:06 +0200
committerhackademix2018-08-28 23:28:06 +0200
commit5c3d5354f2aa3d9cc4ab7fcdf15c3350122851cb (patch)
treea44463a533753e84c04ec3c413f366b318932ad8 /src/common
parent9b32ee87946b4aff80114d4372a768ed1a9af887 (diff)
downloadnoscript-5c3d5354f2aa3d9cc4ab7fcdf15c3350122851cb.tar.gz
noscript-5c3d5354f2aa3d9cc4ab7fcdf15c3350122851cb.tar.xz
noscript-5c3d5354f2aa3d9cc4ab7fcdf15c3350122851cb.zip
Reload-less service worker busting.
Diffstat (limited to 'src/common')
-rw-r--r--src/common/CapsCSP.js29
1 files changed, 15 insertions, 14 deletions
diff --git a/src/common/CapsCSP.js b/src/common/CapsCSP.js
index 17a949c..4b8fde6 100644
--- a/src/common/CapsCSP.js
+++ b/src/common/CapsCSP.js
@@ -4,24 +4,25 @@ function CapsCSP(baseCSP = new CSP()) {
return Object.assign(baseCSP, {
types: ["script", "object", "media"],
dataUriTypes: ["font", "media", "object"],
- buildFromCapabilities(capabilities, netBlocker = false) {
+ buildFromCapabilities(capabilities, blockHttp = false) {
let forbidData = new Set(this.dataUriTypes.filter(t => !capabilities.has(t)));
- let blockedTypes;
- if (netBlocker) {
- blockedTypes = new Set(this.types.filter(t => !capabilities.has(t)));
- } else if(!capabilities.has("script")) {
- blockedTypes = new Set(["script"]);
- forbidData.add("object"); // data: URIs loaded in objects may run scripts
- } else {
- blockedTypes = new Set();
+ let blockedTypes = new Set(this.types.filter(t => !capabilities.has(t)));
+ if(!capabilities.has("script")) {
+ blockedTypes.add("worker");
+ if (!blockedTypes.has("object")) {
+ // data: URIs loaded in objects may run scripts
+ blockedTypes.add({name: "object", value: "http: https:"});
+ }
}
-
- for (let type of forbidData) {
- if (blockedTypes.has(type)) continue;
+
+ if (!blockHttp) {
// HTTP is blocked in onBeforeRequest, let's allow it only and block
// for instance data: and blob: URIs
- let dataBlocker = {name: type, value: "http: https:"};
- blockedTypes.add(dataBlocker)
+ for (let type of this.dataUriTypes) {
+ if (blockedTypes.delete(type)) {
+ blockedTypes.add({name: type, value: "http: https:"});
+ }
+ }
}
return blockedTypes.size ? this.buildBlocker(...blockedTypes) : null;