Revision 96068ada
Added by koszko almost 2 years ago
| build.sh | ||
|---|---|---|
| 180 | 180 |
mkdir -p "$BUILDDIR"/$DIR |
| 181 | 181 |
done |
| 182 | 182 |
|
| 183 |
CHROMIUM_KEY='' |
|
| 184 | 183 |
CHROMIUM_UPDATE_URL='' |
| 185 | 184 |
GECKO_APPLICATIONS='' |
| 186 | 185 |
|
| ... | ... | |
| 189 | 188 |
fi |
| 190 | 189 |
|
| 191 | 190 |
if [ "$BROWSER" = "chromium" ]; then |
| 192 |
CHROMIUM_KEY="$(dd if=/dev/urandom bs=32 count=1 2>/dev/null | base64)" |
|
| 193 |
CHROMIUM_KEY=$(echo chromium-key-dummy-file-$CHROMIUM_KEY | tr / -) |
|
| 194 |
touch "$BUILDDIR"/$CHROMIUM_KEY |
|
| 195 |
|
|
| 196 | 191 |
CHROMIUM_UPDATE_URL="$UPDATE_URL" |
| 197 |
|
|
| 198 |
CHROMIUM_KEY="\n\ |
|
| 199 |
// WARNING!!!\n\ |
|
| 200 |
// EACH USER SHOULD REPLACE DUMMY FILE's VALUE WITH A UNIQUE ONE!!!\n\ |
|
| 201 |
// OTHERWISE, SECURITY CAN BE TRIVIALLY COMPROMISED!\n\ |
|
| 202 |
// Only relevant to users of chrome-based browsers.\n\ |
|
| 203 |
// Users of Firefox forks are safe.\n\ |
|
| 204 |
\"$CHROMIUM_KEY\"\ |
|
| 205 |
" |
|
| 206 | 192 |
else |
| 207 | 193 |
GECKO_APPLICATIONS="\n\ |
| 208 | 194 |
\"applications\": {\n\
|
| ... | ... | |
| 215 | 201 |
|
| 216 | 202 |
sed "\ |
| 217 | 203 |
s^_GECKO_APPLICATIONS_^$GECKO_APPLICATIONS^ |
| 218 |
s^_CHROMIUM_KEY_^$CHROMIUM_KEY^ |
|
| 219 | 204 |
s^_CHROMIUM_UPDATE_URL_^$CHROMIUM_UPDATE_URL^ |
| 220 | 205 |
s^_BGSCRIPTS_^$BGSCRIPTS^ |
| 221 | 206 |
s^_CONTENTSCRIPTS_^$CONTENTSCRIPTS^" \ |
| ... | ... | |
| 279 | 264 |
fi |
| 280 | 265 |
|
| 281 | 266 |
cp -r copyright licenses/ "$BUILDDIR" |
| 267 |
cp dummy "$BUILDDIR" |
|
| 282 | 268 |
cp html/*.css "$BUILDDIR"/html |
| 283 | 269 |
mkdir "$BUILDDIR"/icons |
| 284 | 270 |
cp icons/*.png "$BUILDDIR"/icons |
Also available in: Unified diff
replace cookies with synchronous XmlHttpRequest as policy smuggling method.
Note: this breaks Mozilla port of Haketilo. Synchronous XmlHttpRequest doesn't work as well there. This will be fixed with dynamically-registered content scripts later.