From 286acd20792601efd8699aded61a05fd72899311 Mon Sep 17 00:00:00 2001 From: hackademix Date: Thu, 23 Aug 2018 17:48:38 +0200 Subject: More resilient and optimized version of Sites.domainImplies(). --- src/common/Policy.js | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/src/common/Policy.js b/src/common/Policy.js index dae369a..3c31c71 100644 --- a/src/common/Policy.js +++ b/src/common/Policy.js @@ -5,7 +5,9 @@ var {Permissions, Policy, Sites} = (() => { const SECURE_DOMAIN_RX = new RegExp(`^${SECURE_DOMAIN_PREFIX}`); const DOMAIN_RX = new RegExp(`(?:^\\w+://|${SECURE_DOMAIN_PREFIX})?([^/]*)`, "i"); const SKIP_RX = /^(?:(?:about|chrome|resource|moz-.*):|\[System)/; - + + let rxQuote = s => s.replace(/[.?*+^$[\]\\(){}|-]/g, "\\$&"); + class Sites extends Map { static secureDomainKey(domain) { return domain.includes(":") ? domain : `${SECURE_DOMAIN_PREFIX}${domain}`; @@ -27,12 +29,19 @@ var {Permissions, Policy, Sites} = (() => { } static domainImplies(domainKey, site, protocol ="https?") { + if (!site.includes(domainKey)) return false; + if (Sites.isSecureDomainKey(domainKey)) { protocol = "https"; domainKey = Sites.toggleSecureDomainKey(domainKey, false); } - return new RegExp(`^${protocol}://([^/?#:]+\\.)?${domainKey.replace(/\./g, "\\.")}(?:[:/]|$)`) - .test(site); + try { + return new RegExp(`^${protocol}://([^/?#:]+\\.)?${rxQuote(domainKey)}(?:[:/]|$)`) + .test(site); + } catch (e) { + error(e, `Cannot check if ${domainKey} implies ${site}`); + return false; + } } static isImplied(site, byKey) { -- cgit v1.2.3