diff options
author | hackademix | 2018-10-13 23:13:58 +0200 |
---|---|---|
committer | hackademix | 2018-10-14 23:18:31 +0200 |
commit | f9703b2bcb2e72de1822ec58aa78ea62b7947783 (patch) | |
tree | 9174b0e7bc83b44b178baba96f579ab8e04c4f81 /src | |
parent | ae5704dcf9983ad29cd96333e857a4ff5d762e3d (diff) | |
download | noscript-f9703b2bcb2e72de1822ec58aa78ea62b7947783.tar.gz noscript-f9703b2bcb2e72de1822ec58aa78ea62b7947783.tar.xz noscript-f9703b2bcb2e72de1822ec58aa78ea62b7947783.zip |
Fixed potential race condition in per-tab configuration cookie hack.
Diffstat (limited to 'src')
-rw-r--r-- | src/bg/ChildPolicies.js | 3 | ||||
-rw-r--r-- | src/content/staticNS.js | 7 |
2 files changed, 6 insertions, 4 deletions
diff --git a/src/bg/ChildPolicies.js b/src/bg/ChildPolicies.js index b6904f8..74aeccb 100644 --- a/src/bg/ChildPolicies.js +++ b/src/bg/ChildPolicies.js @@ -105,9 +105,10 @@ var ChildPolicies = { addTabInfoCookie(request, info) { + let {tabId, frameId} = request; let h = { name: "Set-Cookie", - value: `${marker}=${JSON.stringify(info)}` + value: `${marker}_${tabId}_${frameId}=${JSON.stringify(info)}` }; let {responseHeaders} = request; if (responseHeaders.some(({value, name}) => h.value === value && h.name === name)) { diff --git a/src/content/staticNS.js b/src/content/staticNS.js index c746180..6002bfd 100644 --- a/src/content/staticNS.js +++ b/src/content/staticNS.js @@ -52,13 +52,14 @@ // (before any content can access it) if (this.config.MARKER = MARKER) { - let cookieRx = new RegExp(`(?:^|;\\s*)${MARKER}=([^;]*)`); + let cookieRx = new RegExp(`(?:^|;\\s*)(${MARKER}(?:_\\d+){2})=([^;]*)`); let match = document.cookie.match(cookieRx); if (match) { + let [cookie, cookieName, cookieValue] = match; // delete cookie NOW - document.cookie = `${MARKER}=;expires=${new Date(Date.now() - 31536000000).toGMTString()}`; + document.cookie = `${cookieName}=;expires=${new Date(Date.now() - 31536000000).toGMTString()}`; try { - this.config.tabInfo = JSON.parse(decodeURIComponent(match[1])); + this.config.tabInfo = JSON.parse(decodeURIComponent(cookieValue)); } catch (e) { error(e); } |