From fa623fe400a5009e92f85bae213d15b589dd123f Mon Sep 17 00:00:00 2001 From: hackademix Date: Tue, 19 Mar 2019 23:11:18 +0100 Subject: Fixed searches from the url bar causing XSS warnings in the Tor Browser. --- src/xss/XSS.js | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/xss/XSS.js b/src/xss/XSS.js index b7bffce..6e0770b 100644 --- a/src/xss/XSS.js +++ b/src/xss/XSS.js @@ -245,7 +245,9 @@ var XSS = (() => { (XSS.xssScanRequestBody ? request.requestBody && request.requestBody.formData && ic.checkPost(request.requestBody.formData, skipParams) - : XSS.xssBlockUnscannedPOST && ns.requestCan(request, "script") && _("UnscannedXPost") + : XSS.xssBlockUnscannedPOST && + request.documentUrl && // exclude non-document POSTs, such as url bar searches + ns.requestCan(request, "script") && _("UnscannedXPost") ); let protectName = ic.nameAssignment; -- cgit v1.2.3