diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/bg/RequestGuard.js | 22 | ||||
-rw-r--r-- | src/lib/TabCache.js | 24 | ||||
-rw-r--r-- | src/manifest.json | 1 |
3 files changed, 39 insertions, 8 deletions
diff --git a/src/bg/RequestGuard.js b/src/bg/RequestGuard.js index 0de52f4..8d30fe7 100644 --- a/src/bg/RequestGuard.js +++ b/src/bg/RequestGuard.js @@ -261,12 +261,18 @@ var RequestGuard = (() => { return redirected; } - function intersectCapabilities(perms, frameAncestors) { - if (frameAncestors && frameAncestors.length && ns.sync.cascadeRestrictions) { - // cascade top document's restrictions to subframes - perms = policy.cascadeRestrictions(perms, - frameAncestors[frameAncestors.length - 1].url) - .capabilities; + function intersectCapabilities(perms, request) { + let {frameId, frameAncestors, tabId} = request; + if (frameId !== 0 && ns.sync.cascadeRestrictions) { + let topUrl = frameAncestors && frameAncestors.length + && frameAncestors[frameAncestors.length - 1].url; + if (!topUrl) { + let tab = TabCache.get(tabId); + if (tab) topUrl = tab.url; + } + if (topUrl) { + return ns.policy.cascadeRestrictions(perms, topUrl).capabilities; + } } return perms.capabilities; } @@ -300,7 +306,7 @@ var RequestGuard = (() => { !ns.isEnforced(request.tabId) || intersectCapabilities( policy.get(url, documentUrl).perms, - request.frameAncestors + request ).has(policyType); Content.reportTo(request, allowed, policyType); @@ -347,7 +353,7 @@ var RequestGuard = (() => { } capabilities = perms.capabilities; } else { - capabilities = intersectCapabilities(perms, request.frameAncestors); + capabilities = intersectCapabilities(perms, request); } } // else unrestricted, either globally or per-tab if (isMainFrame && !TabStatus.map.has(tabId)) { diff --git a/src/lib/TabCache.js b/src/lib/TabCache.js new file mode 100644 index 0000000..16d6e1f --- /dev/null +++ b/src/lib/TabCache.js @@ -0,0 +1,24 @@ +var TabCache = (() => { + + let cache = new Map(); + + browser.tabs.onUpdated.addListener(tab => { + cache.set(tab.id, tab); + }); + + browser.tabs.onRemoved.addListener(tab => { + cache.delete(tab.id); + }); + + (async () => { + for (let tab of await browser.tabs.query({})) { + cache.set(tab.id, tab); + } + })(); + + return { + get(tabId) { + return cache.get(tabId); + } + }; +})(); diff --git a/src/manifest.json b/src/manifest.json index 55a351b..fbeb8a2 100644 --- a/src/manifest.json +++ b/src/manifest.json @@ -47,6 +47,7 @@ "lib/Messages.js", "lib/CSP.js", "lib/NetCSP.js", + "lib/TabCache.js", "common/CapsCSP.js", "common/Policy.js", "common/locale.js", |