diff options
author | hackademix | 2019-03-19 23:11:18 +0100 |
---|---|---|
committer | hackademix | 2019-03-19 23:11:18 +0100 |
commit | fa623fe400a5009e92f85bae213d15b589dd123f (patch) | |
tree | 1fa1df68a062ec5ecb1359bf95e50b62e839fad0 /src/xss | |
parent | c505c3e999cac60fe6179ddd7db5f4a49b56b7ed (diff) | |
download | noscript-fa623fe400a5009e92f85bae213d15b589dd123f.tar.gz noscript-fa623fe400a5009e92f85bae213d15b589dd123f.tar.xz noscript-fa623fe400a5009e92f85bae213d15b589dd123f.zip |
Fixed searches from the url bar causing XSS warnings in the Tor Browser.
Diffstat (limited to 'src/xss')
-rw-r--r-- | src/xss/XSS.js | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/xss/XSS.js b/src/xss/XSS.js index b7bffce..6e0770b 100644 --- a/src/xss/XSS.js +++ b/src/xss/XSS.js @@ -245,7 +245,9 @@ var XSS = (() => { (XSS.xssScanRequestBody ? request.requestBody && request.requestBody.formData && ic.checkPost(request.requestBody.formData, skipParams) - : XSS.xssBlockUnscannedPOST && ns.requestCan(request, "script") && _("UnscannedXPost") + : XSS.xssBlockUnscannedPOST && + request.documentUrl && // exclude non-document POSTs, such as url bar searches + ns.requestCan(request, "script") && _("UnscannedXPost") ); let protectName = ic.nameAssignment; |