diff options
Diffstat (limited to 'src/xss')
-rw-r--r-- | src/xss/InjectionChecker.js | 9 | ||||
-rw-r--r-- | src/xss/XSS.js | 2 |
2 files changed, 6 insertions, 5 deletions
diff --git a/src/xss/InjectionChecker.js b/src/xss/InjectionChecker.js index 52cba27..a09938b 100644 --- a/src/xss/InjectionChecker.js +++ b/src/xss/InjectionChecker.js @@ -107,11 +107,10 @@ XSS.InjectionChecker = (async () => { var bs = { nq: new RegExp("[" + def + "]") }; - Array.forEach("'\"`", // special treatment for quotes - function(c) { - bs[c] = new RegExp("[" + def + c + "]"); - } - ); + for (let c of ['"', '"', '`']) { + // special treatment for quotes + bs[c] = new RegExp("[" + def + c + "]"); + } delete this.breakStops; return (this.breakStops = bs); }, diff --git a/src/xss/XSS.js b/src/xss/XSS.js index 18630fa..9c2fca3 100644 --- a/src/xss/XSS.js +++ b/src/xss/XSS.js @@ -113,6 +113,8 @@ var XSS = (() => { return { async start() { + if (!UA.isMozilla) return; // async webRequest is supported on Mozilla only + let {onBeforeRequest} = browser.webRequest; let {xssScanRequestBody} = ns.sync; if (xssScanRequestBody !== this.xssScanRequestBody) { |