Revision 6b53d6c8
Added by koszko about 2 years ago
| background/main.js | ||
|---|---|---|
| 11 | 11 |
* IMPORT get_storage |
| 12 | 12 |
* IMPORT start_storage_server |
| 13 | 13 |
* IMPORT start_page_actions_server |
| 14 |
* IMPORT start_policy_injector |
|
| 15 | 14 |
* IMPORT browser |
| 15 |
* IMPORT is_privileged_url |
|
| 16 |
* IMPORT query_best |
|
| 17 |
* IMPORT gen_nonce |
|
| 18 |
* IMPORT inject_csp_headers |
|
| 19 |
* IMPORT apply_stream_filter |
|
| 20 |
* IMPORT is_chrome |
|
| 16 | 21 |
* IMPORTS_END |
| 17 | 22 |
*/ |
| 18 | 23 |
|
| 19 | 24 |
start_storage_server(); |
| 20 | 25 |
start_page_actions_server(); |
| 21 |
start_policy_injector(); |
|
| 22 | 26 |
|
| 23 | 27 |
async function init_ext(install_details) |
| 24 | 28 |
{
|
| 25 |
console.log("details:", install_details);
|
|
| 26 | 29 |
if (install_details.reason != "install") |
| 27 | 30 |
return; |
| 28 | 31 |
|
| ... | ... | |
| 44 | 47 |
|
| 45 | 48 |
browser.runtime.onInstalled.addListener(init_ext); |
| 46 | 49 |
|
| 47 |
console.log("hello, hachette");
|
|
| 50 |
|
|
| 51 |
let storage; |
|
| 52 |
|
|
| 53 |
function on_headers_received(details) |
|
| 54 |
{
|
|
| 55 |
const url = details.url; |
|
| 56 |
if (is_privileged_url(details.url)) |
|
| 57 |
return; |
|
| 58 |
|
|
| 59 |
const [pattern, settings] = query_best(storage, details.url); |
|
| 60 |
const allow = !!(settings && settings.allow); |
|
| 61 |
const nonce = gen_nonce(); |
|
| 62 |
const policy = {allow, url, nonce};
|
|
| 63 |
|
|
| 64 |
let headers = details.responseHeaders; |
|
| 65 |
let skip = false; |
|
| 66 |
for (const header of headers) {
|
|
| 67 |
if ((header.name.toLowerCase().trim() === "content-disposition" && |
|
| 68 |
/^\s*attachment\s*(;.*)$/i.test(header.value))) |
|
| 69 |
skip = true; |
|
| 70 |
} |
|
| 71 |
|
|
| 72 |
headers = inject_csp_headers(details, headers, policy); |
|
| 73 |
|
|
| 74 |
skip = skip || (details.statusCode >= 300 && details.statusCode < 400); |
|
| 75 |
if (!skip) {
|
|
| 76 |
/* Check for API availability. */ |
|
| 77 |
if (browser.webRequest.filterResponseData) |
|
| 78 |
headers = apply_stream_filter(details, headers, policy); |
|
| 79 |
} |
|
| 80 |
|
|
| 81 |
return {responseHeaders: headers};
|
|
| 82 |
} |
|
| 83 |
|
|
| 84 |
async function start_webRequest_operations() |
|
| 85 |
{
|
|
| 86 |
storage = await get_storage(); |
|
| 87 |
|
|
| 88 |
const extra_opts = ["blocking", "responseHeaders"]; |
|
| 89 |
if (is_chrome) |
|
| 90 |
extra_opts.push("extraHeaders");
|
|
| 91 |
|
|
| 92 |
browser.webRequest.onHeadersReceived.addListener( |
|
| 93 |
on_headers_received, |
|
| 94 |
{urls: ["<all_urls>"], types: ["main_frame", "sub_frame"]},
|
|
| 95 |
extra_opts |
|
| 96 |
); |
|
| 97 |
} |
|
| 98 |
|
|
| 99 |
start_webRequest_operations(); |
|
Also available in: Unified diff
use StreamFilter under Mozilla to prevent csp tags from blocking our injected scripts