diff options
| author | hackademix | 2018-09-03 19:20:39 +0200 |
|---|---|---|
| committer | hackademix | 2018-09-04 00:22:39 +0200 |
| commit | 81ac052e1d1b0db924c9ef14a90bf22ce1dc4d8b (patch) | |
| tree | 8e3f904e4cec2c0c8f6132dc0760994baae9fa65 /src/common | |
| parent | 16cdbbe1cb7402ed795923128a4bc7bfb4415f1e (diff) | |
| download | noscript-81ac052e1d1b0db924c9ef14a90bf22ce1dc4d8b.tar.gz noscript-81ac052e1d1b0db924c9ef14a90bf22ce1dc4d8b.tar.xz noscript-81ac052e1d1b0db924c9ef14a90bf22ce1dc4d8b.zip | |
Better file: protocol support.
Diffstat (limited to 'src/common')
| -rw-r--r-- | src/common/Policy.js | 34 |
1 files changed, 21 insertions, 13 deletions
diff --git a/src/common/Policy.js b/src/common/Policy.js index 9afc92e..f4479db 100644 --- a/src/common/Policy.js +++ b/src/common/Policy.js @@ -5,9 +5,10 @@ var {Permissions, Policy, Sites} = (() => { const SECURE_DOMAIN_RX = new RegExp(`^${SECURE_DOMAIN_PREFIX}`); const DOMAIN_RX = new RegExp(`(?:^\\w+://|${SECURE_DOMAIN_PREFIX})?([^/]*)`, "i"); const SKIP_RX = /^(?:(?:about|chrome|resource|moz-.*):|\[System)/; - + const VALID_SITE_RX = /^(?:(?:(?:(?:http|ftp|ws)s?|file):)(?:(?:\/\/)[\w\u0100-\uf000][\w\u0100-\uf000.-]*[\w\u0100-\uf000](?:$|\/))?|[\w\u0100-\uf000][\w\u0100-\uf000.-]*[\w\u0100-\uf000]$)/; + let rxQuote = s => s.replace(/[.?*+^$[\]\\(){}|-]/g, "\\$&"); - + class Sites extends Map { static secureDomainKey(domain) { return domain.includes(":") ? domain : `${SECURE_DOMAIN_PREFIX}${domain}`; @@ -20,14 +21,14 @@ var {Permissions, Policy, Sites} = (() => { } static isValid(site) { - return /^(?:https?:(?:\/\/)?)?([\w\u0100-\uf000][\w\u0100-\uf000.-]*)?[\w\u0100-\uf000](?::\d+)?$/.test(site); + return VALID_SITE_RX.test(site); } - - + + static originImplies(originKey, site) { return originKey === site || site.startsWith(`${originKey}/`); } - + static domainImplies(domainKey, site, protocol ="https?") { if (Sites.isSecureDomainKey(domainKey)) { protocol = "https"; @@ -42,13 +43,13 @@ var {Permissions, Policy, Sites} = (() => { return false; } } - + static isImplied(site, byKey) { - return byKey.includes("://") + return byKey.includes("://") ? Sites.originImplies(byKey, site) : Sites.domainImplies(byKey, site); } - + static parse(site) { let url, siteKey = ""; if (site instanceof URL) { @@ -63,7 +64,11 @@ var {Permissions, Policy, Sites} = (() => { if (url) { let path = url.pathname; siteKey = url.origin; - if (path !== '/') siteKey += path; + if (siteKey === "null") { + siteKey = site; + } else if (path !== '/') { + siteKey += path; + } } return {url, siteKey}; } @@ -71,14 +76,16 @@ var {Permissions, Policy, Sites} = (() => { static optimalKey(site) { let {url, siteKey} = Sites.parse(site); if (url && url.protocol === "https:") return Sites.secureDomainKey(tld.getDomain(url.hostname)); - return url && url.origin || siteKey; + return Sites.origin(url) || siteKey; } static origin(site) { try { - return new URL(site).origin; + let objUrl = site.href ? site : new URL(site); + let origin = objUrl.origin; + return origin === "null" ? objUrl.href : origin; } catch (e) {}; - return site; + return site.origin || site; } static toExternal(url) { // domains are stored in punycode internally @@ -101,6 +108,7 @@ var {Permissions, Policy, Sites} = (() => { match(site) { if (site && this.size) { + if (site instanceof URL) site = site.href; if (this.has(site)) return site; let {url, siteKey} = Sites.parse(site); |