summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/bg/ChildPolicies.js3
-rw-r--r--src/common/Policy.js21
2 files changed, 22 insertions, 2 deletions
diff --git a/src/bg/ChildPolicies.js b/src/bg/ChildPolicies.js
index 5b1b209..32abafe 100644
--- a/src/bg/ChildPolicies.js
+++ b/src/bg/ChildPolicies.js
@@ -111,11 +111,12 @@
// compute exclusions
let permsMapEntries = [...permsMap];
let excludeMap = new Map();
+
for (let [perms, keys] of permsMapEntries) {
excludeMap.set(perms, siteKeys2MatchPatterns(flatten(
permsMapEntries.filter(([other]) => other !== perms)
.map(([otherPerms, otherKeys]) => otherKeys))
- .filter(k => k && k.includes("/"))
+ .filter(k => k && k.includes("/") && keys.some(by => Sites.isImplied(k, by)))
));
}
diff --git a/src/common/Policy.js b/src/common/Policy.js
index 6adc2ae..24c3179 100644
--- a/src/common/Policy.js
+++ b/src/common/Policy.js
@@ -20,7 +20,26 @@ var {Permissions, Policy, Sites} = (() => {
static isValid(site) {
return /^(?:https?:(?:\/\/)?)?([\w\u0100-\uf000][\w\u0100-\uf000.-]*)?[\w\u0100-\uf000](?::\d+)?$/.test(site);
}
-
+
+
+ static originImplies(originKey, site) {
+ return originKey === site || site.startsWith(`${originKey}/`);
+ }
+ static domainImplies(domainKey, site, protocol = null) {
+ if (!protocol) {
+ return (Sites.isSecureDomainKey(domainKey))
+ ? Sites.domainImplies(Sites.toggleSecureDomainKey(domainKey, false), site, "https")
+ : ["http", "https"].some(protocol => Sites.domainImplies(domainKey, site, protocol));
+ }
+ return Sites.originImplies(`${protocol}://${domainKey}`, site);
+ }
+
+ static isImplied(site, byKey) {
+ return byKey.includes("://")
+ ? Sites.originImplies(byKey, site)
+ : Sites.domainImplies(byKey, site);
+ }
+
static parse(site) {
let url, siteKey = "";
if (site instanceof URL) {