From fa623fe400a5009e92f85bae213d15b589dd123f Mon Sep 17 00:00:00 2001
From: hackademix
Date: Tue, 19 Mar 2019 23:11:18 +0100
Subject: Fixed searches from the url bar causing XSS warnings in the Tor
 Browser.

---
 src/xss/XSS.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src/xss')

diff --git a/src/xss/XSS.js b/src/xss/XSS.js
index b7bffce..6e0770b 100644
--- a/src/xss/XSS.js
+++ b/src/xss/XSS.js
@@ -245,7 +245,9 @@ var XSS = (() => {
        (XSS.xssScanRequestBody ?
           request.requestBody && request.requestBody.formData &&
             ic.checkPost(request.requestBody.formData, skipParams)
-        : XSS.xssBlockUnscannedPOST && ns.requestCan(request, "script") && _("UnscannedXPost")
+        : XSS.xssBlockUnscannedPOST &&
+          request.documentUrl && // exclude non-document POSTs, such as url bar searches
+          ns.requestCan(request, "script") && _("UnscannedXPost")
       );
 
       let protectName = ic.nameAssignment;
-- 
cgit v1.2.3