From 921a7910f078ebdb963c047fd6a1b5a6d0231c31 Mon Sep 17 00:00:00 2001
From: hackademix
Date: Fri, 15 Mar 2019 23:55:18 +0100
Subject: "General/Cascade top document's restrictions to subdocuments" option
(default true on the Tor Browser).
---
src/_locales/en/messages.json | 3 +++
src/bg/Defaults.js | 1 +
src/bg/RequestGuard.js | 2 +-
src/bg/Settings.js | 20 +++++++++++++++-----
src/ui/options.html | 4 +++-
src/ui/options.js | 2 ++
6 files changed, 25 insertions(+), 7 deletions(-)
(limited to 'src')
diff --git a/src/_locales/en/messages.json b/src/_locales/en/messages.json
index 13ab4c3..ec826a9 100644
--- a/src/_locales/en/messages.json
+++ b/src/_locales/en/messages.json
@@ -74,6 +74,9 @@
"CascadePermissions": {
"message": "Cascade top document's permissions to 3rd party scripts"
},
+ "CascadeRestrictions": {
+ "message": "Cascade top document's restrictions to subdocuments"
+ },
"ClearClickDescription": {
"message": "NoScript intercepted a mouse or keyboard interaction with a partially hidden element. Click on the image below to cycle between the obstructed and the clear version."
},
diff --git a/src/bg/Defaults.js b/src/bg/Defaults.js
index e30380b..f1b9a18 100644
--- a/src/bg/Defaults.js
+++ b/src/bg/Defaults.js
@@ -12,6 +12,7 @@ var Defaults = {
sync: {
global: false,
xss: true,
+ cascadeRestrictions : false,
xssScanRequestBody: true,
xssBlockUnscannedPOST: false,
overrideTorBrowserPolicy: false, // note: Settings.update() on reset will flip this to true
diff --git a/src/bg/RequestGuard.js b/src/bg/RequestGuard.js
index 2f590dc..e7be814 100644
--- a/src/bg/RequestGuard.js
+++ b/src/bg/RequestGuard.js
@@ -326,7 +326,7 @@ var RequestGuard = (() => {
capabilities = perms.capabilities;
} else {
capabilities = perms.capabilities;
- if (frameAncestors.length > 0) {
+ if (frameAncestors.length > 0 && ns.sync.cascadeRestrictions) {
// cascade top document's restrictions to subframes
let topUrl = frameAncestors.pop().url;
let topPerms = policy.get(topUrl, topUrl).perms;
diff --git a/src/bg/Settings.js b/src/bg/Settings.js
index 3efc4ad..c0af149 100644
--- a/src/bg/Settings.js
+++ b/src/bg/Settings.js
@@ -91,6 +91,7 @@ var Settings = {
if (isTorBrowser) {
// Tor Browser-specific settings
ns.defaults.local.isTorBrowser = true; // prevents reset from forgetting
+ ns.defaults.sync.cascadeRestrictions = true; // we want this to be the default even on reset
if (!this.gotTorBrowserInit) {
// First initialization message from the Tor Browser
this.gotTorBrowserInit = true;
@@ -105,11 +106,20 @@ var Settings = {
} else {
reloadOptionsUI = true;
}
- if (!settings.local) settings.local = {};
- settings.local.isTorBrowser = true;
- if (!settings.sync) settings.sync = {};
- settings.sync.xssScanRequestBody = false;
- settings.sync.xssBlockUnscannedPOST = true;
+
+ let torBrowserSettings = {
+ local: {
+ isTorBrowser: true,
+ },
+ sync: {
+ cascadeRestrictions: true,
+ xssScanRequestBody: false,
+ xssBlockUnscannedPOST: true,
+ }
+ }
+ for (let [storage, prefs] of Object.entries(torBrowserSettings)) {
+ settings[storage] = Object.assign(settings[storage] || {}, prefs);
+ }
}
if (settings.sync === null) {
diff --git a/src/ui/options.html b/src/ui/options.html
index a80dece..9ffaa69 100644
--- a/src/ui/options.html
+++ b/src/ui/options.html
@@ -44,7 +44,9 @@
-
+
+
+