summaryrefslogtreecommitdiff
path: root/src/xss
diff options
context:
space:
mode:
authorhackademix2019-03-27 23:43:34 +0100
committerhackademix2019-03-27 23:43:34 +0100
commitb9373c65b112342a519cb932fdebfd68a3cd174d (patch)
treec7da79232c02645389ae00d3ddbc59c0919ae0be /src/xss
parentd77df5c9e433a2e08f1e66ded36beca5e17deff3 (diff)
parent0878ad2b0a0d3af5db66cc6a4f7d882e17a13365 (diff)
downloadnoscript-b9373c65b112342a519cb932fdebfd68a3cd174d.tar.gz
noscript-b9373c65b112342a519cb932fdebfd68a3cd174d.tar.xz
noscript-b9373c65b112342a519cb932fdebfd68a3cd174d.zip
Merge branch 'chromium' into merge/chromium
Diffstat (limited to 'src/xss')
-rw-r--r--src/xss/InjectionChecker.js9
-rw-r--r--src/xss/XSS.js2
2 files changed, 6 insertions, 5 deletions
diff --git a/src/xss/InjectionChecker.js b/src/xss/InjectionChecker.js
index 52cba27..a09938b 100644
--- a/src/xss/InjectionChecker.js
+++ b/src/xss/InjectionChecker.js
@@ -107,11 +107,10 @@ XSS.InjectionChecker = (async () => {
var bs = {
nq: new RegExp("[" + def + "]")
};
- Array.forEach("'\"`", // special treatment for quotes
- function(c) {
- bs[c] = new RegExp("[" + def + c + "]");
- }
- );
+ for (let c of ['"', '"', '`']) {
+ // special treatment for quotes
+ bs[c] = new RegExp("[" + def + c + "]");
+ }
delete this.breakStops;
return (this.breakStops = bs);
},
diff --git a/src/xss/XSS.js b/src/xss/XSS.js
index 18630fa..9c2fca3 100644
--- a/src/xss/XSS.js
+++ b/src/xss/XSS.js
@@ -113,6 +113,8 @@ var XSS = (() => {
return {
async start() {
+ if (!UA.isMozilla) return; // async webRequest is supported on Mozilla only
+
let {onBeforeRequest} = browser.webRequest;
let {xssScanRequestBody} = ns.sync;
if (xssScanRequestBody !== this.xssScanRequestBody) {