code review for deeb211c5d

7 years ago · 2d14874d69
parent c96fbb4d5c
commit 2d14874d69
3 changed files with 13 additions and 15 deletions
--- a/src/js/contentscript-start.js
+++ b/src/js/contentscript-start.js
@ -36,7 +36,8 @@
            {
                what: 'securityPolicyViolation',
                policy: ev.originalPolicy,
-                url: ev.documentURI
+                blockedURI: ev.blockedURI,
+                documentURI: ev.documentURI
            }
        );
    });
--- a/src/js/messaging.js
+++ b/src/js/messaging.js
@ -514,6 +514,7 @@ var onMessage = function(request, sender, callback) {

    var tabId = sender && sender.tab ? sender.tab.id || 0 : 0,
        tabContext = µm.tabContextManager.lookup(tabId),
+        rootHostname = tabContext && tabContext.rootHostname,
        pageStore = µm.pageStoreFromTabId(tabId);

    // Sync
@ -535,8 +536,8 @@ var onMessage = function(request, sender, callback) {
    case 'mustRenderNoscriptTags?':
        if ( tabContext === null ) { break; }
        response =
-            µm.tMatrix.mustBlock(tabContext.rootHostname, tabContext.rootHostname, 'script') &&
-            µm.tMatrix.evaluateSwitchZ('noscript-spoof', tabContext.rootHostname);
+            µm.tMatrix.mustBlock(rootHostname, rootHostname, 'script') &&
+            µm.tMatrix.evaluateSwitchZ('noscript-spoof', rootHostname);
        if ( pageStore !== null ) {
            pageStore.hasNoscriptTags = true;
        }
@ -544,25 +545,21 @@ var onMessage = function(request, sender, callback) {

    case 'securityPolicyViolation':
        if ( request.policy !== µm.cspNoWorkerSrc ) { break; }
+        var url = µm.URI.hostnameFromURI(request.blockedURI) !== '' ?
+            request.blockedURI :
+            request.documentURI;
        if ( pageStore !== null ) {
            pageStore.hasWebWorkers = true;
-            pageStore.recordRequest('script', request.url, true);
+            pageStore.recordRequest('script', url, true);
        }
        if ( tabContext !== null ) {
-            µm.logger.writeOne(
-                tabId,
-                'net',
-                tabContext.rootHostname,
-                request.url,
-                'worker',
-                true
-            );
+            µm.logger.writeOne(tabId, 'net', rootHostname, url, 'worker', true);
        }
        break;

    case 'shutdown?':
        if ( tabContext !== null ) {
-            response = µm.tMatrix.evaluateSwitchZ('matrix-off', tabContext.rootHostname);
+            response = µm.tMatrix.evaluateSwitchZ('matrix-off', rootHostname);
        }
        break;

--- a/src/js/traffic.js
+++ b/src/js/traffic.js
@ -313,7 +313,7 @@ var onHeadersReceived = function(details) {

    if ( µm.cspNoWorkerSrc === undefined ) {
        µm.cspNoWorkerSrc = vAPI.webextFlavor.startsWith('Mozilla-') ?
-            "child-src 'none'; frame-src data: blob: *" :
+            "child-src 'none';frame-src data: blob: *" :
            "worker-src 'none'" ;
    }

@ -334,7 +334,7 @@ var onHeadersReceived = function(details) {
    // A CSP header is already present: just add our own directive as a
    // separate disposition (i.e. use comma).
    if ( i !== -1 ) {
-        headers[i].value += ', ' + cspDirectives;
+        headers[i].value += ',' + cspDirectives;
    } else {
        headers.push({ name: 'Content-Security-Policy', value: cspDirectives });
    }