Browse Source

use worker-src on Firefox 58+ -- turns out this was fixed weeks ago

pull/2/head
Raymond Hill 7 years ago
parent
commit
c89a4cfe5e
No known key found for this signature in database GPG Key ID: 25E1490B761470C2
  1. 10
      platform/chromium/vapi-background.js
  2. 28
      src/js/traffic.js

10
platform/chromium/vapi-background.js

@ -39,7 +39,7 @@ var manifest = chrome.runtime.getManifest();
vAPI.chrome = true;
vAPI.webextFlavor = '';
vAPI.webextFlavor = undefined;
if (
self.browser instanceof Object &&
typeof self.browser.runtime.getBrowserInfo === 'function'
@ -47,6 +47,8 @@ if (
self.browser.runtime.getBrowserInfo().then(function(info) {
vAPI.webextFlavor = info.vendor + '-' + info.name + '-' + info.version;
});
} else {
vAPI.webextFlavor = '';
}
var noopFunc = function(){};
@ -776,7 +778,11 @@ vAPI.cloud = (function() {
// actual data, but all of this is provided for free by browser vendors,
// so we need to accept and deal with these limitations.
var initialize = function() {
var ratio = vAPI.webextFlavor.startsWith('Mozilla-Firefox-') ? 0.6 : 0.75;
var ratio =
vAPI.webextFlavor === undefined ||
vAPI.webextFlavor.startsWith('Mozilla-Firefox-') ?
0.6 :
0.75;
maxChunkSize = Math.floor(maxChunkSize * ratio);
initialize = function(){};
};

28
src/js/traffic.js

@ -1,7 +1,7 @@
/*******************************************************************************
uMatrix - a Chromium browser extension to black/white list requests.
Copyright (C) 2014-2017 Raymond Hill
Copyright (C) 2014-2018 Raymond Hill
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -314,18 +314,16 @@ var onHeadersReceived = function(details) {
csp.push(µm.cspNoInlineStyle);
}
// TODO: Firefox will eventually support `worker-src`:
// https://bugzilla.mozilla.org/show_bug.cgi?id=1231788
if ( µm.cspNoWorker === undefined ) {
µm.cspNoWorker = vAPI.webextFlavor.startsWith('Mozilla-') ?
"child-src 'none'; frame-src data: blob: *; report-uri about:blank" :
"worker-src 'none'; report-uri about:blank" ;
// https://bugzilla.mozilla.org/show_bug.cgi?id=1302667
var cspNoWorker = µm.cspNoWorker;
if ( cspNoWorker === undefined ) {
cspNoWorker = cspNoWorkerInit();
}
if ( µm.tMatrix.evaluateSwitchZ('no-workers', rootHostname) ) {
csp.push(µm.cspNoWorker);
csp.push(cspNoWorker);
} else if ( µm.rawSettings.disableCSPReportInjection === false ) {
cspReport.push(µm.cspNoWorker);
cspReport.push(cspNoWorker);
}
var headers = details.responseHeaders,
@ -365,6 +363,18 @@ var onHeadersReceived = function(details) {
/******************************************************************************/
var cspNoWorkerInit = function() {
if ( vAPI.webextFlavor === undefined ) {
return "child-src 'none'; frame-src data: blob: *; report-uri about:blank";
}
µMatrix.cspNoWorker = /^Mozilla-Firefox-5[67]/.test(vAPI.webextFlavor) ?
"child-src 'none'; frame-src data: blob: *; report-uri about:blank" :
"worker-src 'none'; report-uri about:blank" ;
return µMatrix.cspNoWorker;
};
/******************************************************************************/
// Caller must ensure headerName is normalized to lower case.
var headerIndexFromName = function(headerName, headers) {

Loading…
Cancel
Save