2018-07-16 00:14:44 +02:00
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
(function(){
|
|
|
|
"use strict";
|
|
|
|
|
|
|
|
var scope;
|
|
|
|
if ((typeof exports) !== "undefined"){
|
|
|
|
scope = exports;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
window.scope.dataUrls = {};
|
|
|
|
scope = window.scope.dataUrls;
|
|
|
|
}
|
|
|
|
|
|
|
|
const logging = require("./logging");
|
|
|
|
const settings = require("./settings");
|
2018-07-24 21:30:57 +02:00
|
|
|
let canMergeHeader = false;
|
2018-07-24 23:30:00 +02:00
|
|
|
let blockBlob = true;
|
2018-07-24 21:30:57 +02:00
|
|
|
browser.runtime.getBrowserInfo().then(function(info){
|
2018-07-24 23:30:00 +02:00
|
|
|
const mainVersion = parseInt(info.version.replace(/\..+/, ""), 10);
|
|
|
|
canMergeHeader = mainVersion > 59;
|
|
|
|
blockBlob = mainVersion < 60;
|
2018-07-24 21:30:57 +02:00
|
|
|
});
|
|
|
|
function setHeader(headers, header){
|
|
|
|
if (canMergeHeader){
|
|
|
|
headers.push(header);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
const headerName = header.name.toLowerCase();
|
|
|
|
const presentHeader = headers.filter(function(h){
|
|
|
|
return h.name.toLowerCase() === headerName;
|
|
|
|
});
|
|
|
|
if (presentHeader.length){
|
|
|
|
presentHeader[0].value += ", " + header.value;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
headers.push(header);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2018-07-16 00:14:44 +02:00
|
|
|
|
|
|
|
scope.init = function(){
|
2018-07-21 00:32:15 +02:00
|
|
|
browser.webRequest.onHeadersReceived.addListener(
|
2018-07-16 00:14:44 +02:00
|
|
|
function(details){
|
2018-07-24 23:30:00 +02:00
|
|
|
const cspMatch = (blockBlob? "": "blob: ") + "filesystem: *";
|
2018-07-21 00:32:15 +02:00
|
|
|
const headers = details.responseHeaders;
|
|
|
|
if (settings.blockDataURLs){
|
|
|
|
logging.verbose("Adding CSP header to", details);
|
2018-07-24 21:30:57 +02:00
|
|
|
setHeader(headers, {
|
2018-07-21 00:32:15 +02:00
|
|
|
name: "Content-Security-Policy",
|
2018-08-21 22:01:10 +02:00
|
|
|
value: `object-src ${cspMatch}; frame-src ${cspMatch}`
|
|
|
|
// + "; report-to https://canvasblocker.invalid/; report-uri https://canvasblocker.invalid/"
|
2018-07-21 00:32:15 +02:00
|
|
|
});
|
2018-07-16 00:14:44 +02:00
|
|
|
}
|
2018-07-21 00:32:15 +02:00
|
|
|
return {
|
|
|
|
responseHeaders: headers
|
|
|
|
};
|
2018-07-16 00:14:44 +02:00
|
|
|
},
|
|
|
|
{
|
2018-07-21 19:34:24 +02:00
|
|
|
urls: ["<all_urls>"],
|
|
|
|
types: ["main_frame", "sub_frame", "object"]
|
2018-07-16 00:14:44 +02:00
|
|
|
},
|
2018-07-21 00:32:15 +02:00
|
|
|
["blocking", "responseHeaders"]
|
2018-07-16 00:14:44 +02:00
|
|
|
);
|
|
|
|
};
|
|
|
|
|
|
|
|
}());
|