blob: 4f36cbfcc20483d92de1789397fbaeb8d7033a12 (
plain)
1
2
3
4
5
6
7
8
9
|
ns.on("perms", event => {
if (ns.allows("script")) {
let name = ns.getWindowName();
if (/[<"'\`(=:]/.test(name)) {
console.log(`NoScript XSS filter sanitizing suspicious window.name "%s" on %s`, name, document.URL);
window.name = window.name.substring(0, window.name.length - name.length);
}
}
});
|