From c74024ad3625617fbcfe30b8f194860e42df59eb Mon Sep 17 00:00:00 2001
From: hackademix
Date: Fri, 1 Nov 2019 15:23:21 +0100
Subject: Compute the correct origin for the policy to be fetched from
 about:blank and javascript: URLs.

---
 src/content/staticNS.js | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

(limited to 'src/content/staticNS.js')

diff --git a/src/content/staticNS.js b/src/content/staticNS.js
index ca9de41..59f2b39 100644
--- a/src/content/staticNS.js
+++ b/src/content/staticNS.js
@@ -35,9 +35,17 @@
 
     fetchPolicy() {
       let url = document.URL;
-      debug(`Fetching policy from document %s, readyState %s, content %s`,
-        url, document.readyState, document.documentElement.outerHTML);
-
+      debug(`Fetching policy from document %s, readyState %s`,
+        url, document.readyState
+        , document.documentElement.outerHTML, // DEV_ONLY
+        document.domain, document.baseURI, window.isSecureContext // DEV_ONLY
+      );
+      if (/^(javascript|about):/.test(url)) {
+        url = document.readyState === "loading"
+        ? document.baseURI
+        : `${window.isSecureContext ? "https" : "http"}://${document.domain}`;
+        debug("Fetching policy for actual URL %s (was %s)", url, document.URL);
+      }
       if (!/^(?:file|ftp|https?):/i.test(url)) {
         (async () => {
           let policy;
-- 
cgit v1.2.3