diff options
author | hackademix | 2018-07-17 12:10:17 +0200 |
---|---|---|
committer | hackademix | 2018-07-17 12:10:17 +0200 |
commit | 5a60d58d247fe90ea6ff30e6789c09d5c892d80b (patch) | |
tree | 3d3af0b1b87e2a060790362112f33f93764fdf73 /src/lib | |
parent | 493d40021a8bd9178249f3e84cb411de2c2f0e54 (diff) | |
download | noscript-5a60d58d247fe90ea6ff30e6789c09d5c892d80b.tar.gz noscript-5a60d58d247fe90ea6ff30e6789c09d5c892d80b.tar.xz noscript-5a60d58d247fe90ea6ff30e6789c09d5c892d80b.zip |
Prevent script injection from messing with content-disposition=attachment responses.
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/ContentMetaData.js | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/ContentMetaData.js b/src/lib/ContentMetaData.js index da335ad..002a212 100644 --- a/src/lib/ContentMetaData.js +++ b/src/lib/ContentMetaData.js @@ -4,7 +4,7 @@ class ContentMetaData { let {responseHeaders} = request; for (let h of responseHeaders) { if (/^\s*Content-(Type|Disposition)\s*$/i.test(h.name)) { - this[h.name.split("-")[1].trim().toLowerCase()] = h.value; + this[RegExp.$1.toLowerCase()] = h.value; } } } |