summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorhackademix2018-11-24 23:43:32 +0100
committerhackademix2018-11-24 23:43:32 +0100
commit83979c532e04c5afc53ecad25f6662ef7ae72874 (patch)
tree2efed50171a16e921451787f98087b08ae97de4f /src
parent1dcbc7ebfcd82667240bfad44d5be158757350e0 (diff)
downloadnoscript-83979c532e04c5afc53ecad25f6662ef7ae72874.tar.gz
noscript-83979c532e04c5afc53ecad25f6662ef7ae72874.tar.xz
noscript-83979c532e04c5afc53ecad25f6662ef7ae72874.zip
Allow extensions to perform origin-less fetching and framing (issue #41).
Diffstat (limited to 'src')
-rw-r--r--src/bg/RequestGuard.js5
1 files changed, 4 insertions, 1 deletions
diff --git a/src/bg/RequestGuard.js b/src/bg/RequestGuard.js
index 55a78c8..8214a3d 100644
--- a/src/bg/RequestGuard.js
+++ b/src/bg/RequestGuard.js
@@ -264,7 +264,10 @@ var RequestGuard = (() => {
if (policyType) {
let {url, originUrl, documentUrl} = request;
if (("fetch" === policyType || "frame" === policyType) &&
- (url === originUrl && originUrl === documentUrl ||
+ (((!originUrl || url === originUrl) && originUrl === documentUrl
+ // some extensions make them both undefined,
+ // see https://github.com/eight04/image-picka/issues/150
+ ) ||
INTERNAL_SCHEME.test(originUrl))
) {
// livemark request or similar browser-internal, always allow;