fix #2360
parent
2852f9be19
commit
a742f09dd4
@ -443,17 +443,22 @@ var processCSP = function(pageStore, details) {
|
||||
blockInlineScript = µb.isBlockResult(inlineScriptResult);
|
||||
}
|
||||
|
||||
context.requestType = 'websocket';
|
||||
µb.staticNetFilteringEngine.matchStringExactType(context, requestURL, 'websocket');
|
||||
var websocketResult = µb.staticNetFilteringEngine.toResultString(loggerEnabled),
|
||||
blockWebsocket = µb.isBlockResult(websocketResult);
|
||||
|
||||
// https://github.com/gorhill/uBlock/issues/2360
|
||||
µb.staticNetFilteringEngine.matchStringExactType(context, 'blob:', 'script');
|
||||
var workerResult = µb.staticNetFilteringEngine.toResultString(loggerEnabled),
|
||||
blockWorker = µb.isBlockResult(workerResult);
|
||||
|
||||
var headersChanged;
|
||||
if ( blockInlineScript || blockWebsocket ) {
|
||||
if ( blockInlineScript || blockWebsocket || blockWorker ) {
|
||||
headersChanged = foilWithCSP(
|
||||
details.responseHeaders,
|
||||
blockInlineScript,
|
||||
blockWebsocket
|
||||
blockWebsocket,
|
||||
blockWorker
|
||||
);
|
||||
}
|
||||
|
||||
@ -480,6 +485,17 @@ var processCSP = function(pageStore, details) {
|
||||
context.pageHostname
|
||||
);
|
||||
}
|
||||
if ( workerResult !== '' ) {
|
||||
µb.logger.writeOne(
|
||||
tabId,
|
||||
'net',
|
||||
workerResult,
|
||||
'worker',
|
||||
requestURL,
|
||||
context.rootHostname,
|
||||
context.pageHostname
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
context.dispose();
|
||||
@ -524,26 +540,38 @@ var foilLargeMediaElement = function(pageStore, details) {
|
||||
|
||||
/******************************************************************************/
|
||||
|
||||
var foilWithCSP = function(headers, noInlineScript, noWebsocket) {
|
||||
var i = headerIndexFromName('content-security-policy', headers),
|
||||
var foilWithCSP = function(headers, noInlineScript, noWebsocket, noWorker) {
|
||||
var me = foilWithCSP,
|
||||
i = headerIndexFromName('content-security-policy', headers),
|
||||
before = i === -1 ? '' : headers[i].value.trim(),
|
||||
after = before;
|
||||
|
||||
if ( noInlineScript ) {
|
||||
after = foilWithCSPDirective(
|
||||
after,
|
||||
/script-src[^;]*;?\s*/,
|
||||
me.reScriptSrc,
|
||||
"script-src 'unsafe-eval' *",
|
||||
/'unsafe-inline'\s*|'nonce-[^']+'\s*/g
|
||||
me.reScriptSrcRemove
|
||||
);
|
||||
}
|
||||
|
||||
if ( noWebsocket ) {
|
||||
after = foilWithCSPDirective(
|
||||
after,
|
||||
/connect-src[^;]*;?\s*/,
|
||||
me.reConnectSrc,
|
||||
'connect-src http:',
|
||||
/wss?:[^\s]*\s*/g
|
||||
me.reConnectSrcRemove
|
||||
);
|
||||
}
|
||||
|
||||
// https://www.w3.org/TR/CSP2/#directive-child-src
|
||||
// https://www.w3.org/TR/CSP3/#directive-worker-src
|
||||
if ( noWorker ) {
|
||||
after = foilWithCSPDirective(
|
||||
after,
|
||||
me.reWorkerSrc,
|
||||
'child-src http:',
|
||||
me.reWorkerSrcRemove
|
||||
);
|
||||
}
|
||||
|
||||
@ -556,9 +584,9 @@ var foilWithCSP = function(headers, noInlineScript, noWebsocket) {
|
||||
// https://w3c.github.io/webappsec-csp/#directive-frame-src
|
||||
after = foilWithCSPDirective(
|
||||
after,
|
||||
/frame-src[^;]*;?\s*/,
|
||||
me.reFrameSrc,
|
||||
'frame-src http:',
|
||||
/data:[^\s]*\s*|blob:[^\s]*\s*/g
|
||||
me.reFrameSrcRemove
|
||||
);
|
||||
}
|
||||
|
||||
@ -573,6 +601,18 @@ var foilWithCSP = function(headers, noInlineScript, noWebsocket) {
|
||||
return changed;
|
||||
};
|
||||
|
||||
(function() {
|
||||
var fn = foilWithCSP;
|
||||
fn.reScriptSrc = /script-src[^;]*;?\s*/;
|
||||
fn.reScriptSrcRemove = /'unsafe-inline'\s*|'nonce-[^']+'\s*/g;
|
||||
fn.reConnectSrc = /connect-src[^;]*;?\s*/;
|
||||
fn.reConnectSrcRemove = /wss?:[^\s]*\s*/g;
|
||||
fn.reWorkerSrc = /child-src[^;]*;?\s*/;
|
||||
fn.reWorkerSrcRemove = /blob:[^\s]*\s*/g;
|
||||
fn.reFrameSrc = /frame-src[^;]*;?\s*/;
|
||||
fn.reFrameSrcRemove = /data:[^\s]*\s*|blob:[^\s]*\s*/g;
|
||||
})();
|
||||
|
||||
/******************************************************************************/
|
||||
|
||||
// Past issues to keep in mind:
|
||||
|
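Review bot: The new `noWorker` branch in `foilWithCSP` rewrites only `child-src`, although the comment directly above it cites the CSP3 `worker-src` directive. Because the function edits the page's existing `content-security-policy` value, a policy that already carries `worker-src blob:` would presumably keep allowing blob-based workers in browsers that consult `worker-src` before `child-src`. Consider a parallel call, `after = foilWithCSPDirective(after, me.reWorkerSrcCSP3, 'worker-src http:', me.reWorkerSrcRemove);`, with `fn.reWorkerSrcCSP3 = /worker-src[^;]*;?\s*/;` added to the initializer. It is also worth a comment that the injected `child-src http:` governs nested frames when no `frame-src` is present, so this branch restricts more than workers. `foilWithCSPDirective` is defined outside the visible hunks, so how it merges or appends a directive is inferred here.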