From ab131302cd7ec773b1fa777cda42076a3301696f Mon Sep 17 00:00:00 2001
From: hackademix
Date: Sun, 22 Mar 2020 11:05:15 +0100
Subject: Uniform refresh url matching across HTTP and DOM checks (thanks
 insertscript).

---
 src/bg/ReportingCSP.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/bg/ReportingCSP.js')

diff --git a/src/bg/ReportingCSP.js b/src/bg/ReportingCSP.js
index e7ffe0a..08e7a90 100644
--- a/src/bg/ReportingCSP.js
+++ b/src/bg/ReportingCSP.js
@@ -37,7 +37,7 @@ function ReportingCSP(reportURI, reportGroup) {
           } else if (blocker && /^(Location|Refresh)$/i.test(h.name)) {
             // neutralize any HTTP redirection to data: URLs, like Chromium
             let  url = /^R/i.test(h.name)
-              ? h.value.replace(/^[^,;]*[,;]url[^\w=]*=\s*/i, "") : h.value;
+              ? h.value.replace(/^[^,;]*[,;]\W*url[^=]*=[^!#$%&()*+,/:;=?@[\]\w.,~-]*/i, "") : h.value;
             if (/^data:/i.test(url)) {
               h.value = h.value.slice(0, -url.length) + "data:";
             }
-- 
cgit v1.2.3