|
@ -1,7 +1,7 @@ |
|
|
/******************************************************************************* |
|
|
/******************************************************************************* |
|
|
|
|
|
|
|
|
uMatrix - a Chromium browser extension to black/white list requests. |
|
|
uMatrix - a Chromium browser extension to black/white list requests. |
|
|
Copyright (C) 2014-2017 Raymond Hill |
|
|
|
|
|
|
|
|
Copyright (C) 2014-2018 Raymond Hill |
|
|
|
|
|
|
|
|
This program is free software: you can redistribute it and/or modify |
|
|
This program is free software: you can redistribute it and/or modify |
|
|
it under the terms of the GNU General Public License as published by |
|
|
it under the terms of the GNU General Public License as published by |
|
@ -314,18 +314,16 @@ var onHeadersReceived = function(details) { |
|
|
csp.push(µm.cspNoInlineStyle); |
|
|
csp.push(µm.cspNoInlineStyle); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
// TODO: Firefox will eventually support `worker-src`:
|
|
|
|
|
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1231788
|
|
|
|
|
|
if ( µm.cspNoWorker === undefined ) { |
|
|
|
|
|
µm.cspNoWorker = vAPI.webextFlavor.startsWith('Mozilla-') ? |
|
|
|
|
|
"child-src 'none'; frame-src data: blob: *; report-uri about:blank" : |
|
|
|
|
|
"worker-src 'none'; report-uri about:blank" ; |
|
|
|
|
|
|
|
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1302667
|
|
|
|
|
|
var cspNoWorker = µm.cspNoWorker; |
|
|
|
|
|
if ( cspNoWorker === undefined ) { |
|
|
|
|
|
cspNoWorker = cspNoWorkerInit(); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
if ( µm.tMatrix.evaluateSwitchZ('no-workers', rootHostname) ) { |
|
|
if ( µm.tMatrix.evaluateSwitchZ('no-workers', rootHostname) ) { |
|
|
csp.push(µm.cspNoWorker); |
|
|
|
|
|
|
|
|
csp.push(cspNoWorker); |
|
|
} else if ( µm.rawSettings.disableCSPReportInjection === false ) { |
|
|
} else if ( µm.rawSettings.disableCSPReportInjection === false ) { |
|
|
cspReport.push(µm.cspNoWorker); |
|
|
|
|
|
|
|
|
cspReport.push(cspNoWorker); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
var headers = details.responseHeaders, |
|
|
var headers = details.responseHeaders, |
|
@ -365,6 +363,18 @@ var onHeadersReceived = function(details) { |
|
|
|
|
|
|
|
|
/******************************************************************************/ |
|
|
/******************************************************************************/ |
|
|
|
|
|
|
|
|
|
|
|
var cspNoWorkerInit = function() { |
|
|
|
|
|
if ( vAPI.webextFlavor === undefined ) { |
|
|
|
|
|
return "child-src 'none'; frame-src data: blob: *; report-uri about:blank"; |
|
|
|
|
|
} |
|
|
|
|
|
µMatrix.cspNoWorker = /^Mozilla-Firefox-5[67]/.test(vAPI.webextFlavor) ? |
|
|
|
|
|
"child-src 'none'; frame-src data: blob: *; report-uri about:blank" : |
|
|
|
|
|
"worker-src 'none'; report-uri about:blank" ; |
|
|
|
|
|
return µMatrix.cspNoWorker; |
|
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
/******************************************************************************/ |
|
|
|
|
|
|
|
|
// Caller must ensure headerName is normalized to lower case.
|
|
|
// Caller must ensure headerName is normalized to lower case.
|
|
|
|
|
|
|
|
|
var headerIndexFromName = function(headerName, headers) { |
|
|
var headerIndexFromName = function(headerName, headers) { |
|
|