summaryrefslogtreecommitdiff
path: root/src/common
diff options
context:
space:
mode:
authorhackademix2019-04-08 11:44:08 +0200
committerhackademix2019-04-08 11:44:08 +0200
commit5ffd53ee89767e1ca08d41516e968aab06cf42d3 (patch)
treeeb59c07a014011bd866397c6ce9decb72f2736f5 /src/common
parent949397847354aec83be5e2ed40b863d349ca0688 (diff)
downloadnoscript-5ffd53ee89767e1ca08d41516e968aab06cf42d3.tar.gz
noscript-5ffd53ee89767e1ca08d41516e968aab06cf42d3.tar.xz
noscript-5ffd53ee89767e1ca08d41516e968aab06cf42d3.zip
Fixed inconsistencies in handling of browser-internal URLs.
Diffstat (limited to 'src/common')
-rw-r--r--src/common/Policy.js8
1 files changed, 5 insertions, 3 deletions
diff --git a/src/common/Policy.js b/src/common/Policy.js
index 55e9ad1..4fbc4ec 100644
--- a/src/common/Policy.js
+++ b/src/common/Policy.js
@@ -1,10 +1,9 @@
var {Permissions, Policy, Sites} = (() => {
'use strict';
-
const SECURE_DOMAIN_PREFIX = "§:";
const SECURE_DOMAIN_RX = new RegExp(`^${SECURE_DOMAIN_PREFIX}`);
const DOMAIN_RX = new RegExp(`(?:^\\w+://|${SECURE_DOMAIN_PREFIX})?([^/]*)`, "i");
- const SKIP_RX = /^(?:(?:about|chrome|resource|moz-.*):|\[System)/;
+ const INTERNAL_SITE_RX = /^(?:(?:about|chrome|resource|(?:moz|chrome)-.*):|\[System)/;
const VALID_SITE_RX = /^(?:(?:(?:(?:http|ftp|ws)s?|file):)(?:(?:\/\/)[\w\u0100-\uf000][\w\u0100-\uf000.-]*[\w\u0100-\uf000.](?:$|\/))?|[\w\u0100-\uf000][\w\u0100-\uf000.-]*[\w\u0100-\uf000]$)/;
let rxQuote = s => s.replace(/[.?*+^$[\]\\(){}|-]/g, "\\$&");
@@ -24,6 +23,9 @@ var {Permissions, Policy, Sites} = (() => {
return VALID_SITE_RX.test(site);
}
+ static isInternal(site) {
+ return INTERNAL_SITE_RX.test(site);
+ }
static originImplies(originKey, site) {
return originKey === site || site.startsWith(`${originKey}/`);
@@ -116,7 +118,7 @@ var {Permissions, Policy, Sites} = (() => {
}
set(k, v) {
- if (!k || SKIP_RX.test(k) || k === "§:") return this;
+ if (!k || Sites.isInternal(k) || k === "§:") return this;
let [,domain] = DOMAIN_RX.exec(k);
if (/[^\u0000-\u007f]/.test(domain)) {
k = k.replace(domain, punycode.toASCII(domain));