security-and-privacy/CanvasBlocker
security-and-privacy/CanvasBlocker
1
0
Fork 0
mirror of https://github.com/kkapsner/CanvasBlocker synced 2025-01-03 18:42:00 +01:00
Code Releases Activity

Allow blob and filesystem schemes

Browse Source 
They are protected and do not need to be blocked (like data-URLs).

Fixes #212 and fixes #213.
This commit is contained in:
kkapsner 2018-07-21 13:25:15 +02:00
parent eb1a441625
commit 8389165b70
3 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/dataUrls.js
View File

@ -17,6 +17,7 @@
const settings = require("./settings"); const settings = require("./settings");
scope.init = function(){ scope.init = function(){
const cspMatch = "blob: filesystem: *";
browser.webRequest.onHeadersReceived.addListener( browser.webRequest.onHeadersReceived.addListener(
function(details){ function(details){
const headers = details.responseHeaders; const headers = details.responseHeaders;
@ -24,7 +25,7 @@
logging.verbose("Adding CSP header to", details); logging.verbose("Adding CSP header to", details);
headers.push({ headers.push({
name: "Content-Security-Policy", name: "Content-Security-Policy",
value: "object-src *; child-src *" value: `object-src ${cspMatch}; frame-src ${cspMatch}; worker-src ${cspMatch}`
}); });
} }
return { return {

2
manifest.json
View File

@ -2,7 +2,7 @@
{ {
"name": "CanvasBlocker", "name": "CanvasBlocker",
"description": "__MSG_addon_description__", "description": "__MSG_addon_description__",
"version": "0.5.1", "version": "0.5.1.1",
"icons": { "icons": {
"48": "icons/icon.svg", "48": "icons/icon.svg",
"96": "icons/icon.svg" "96": "icons/icon.svg"

3
releaseNotes.txt
View File

@ -1,3 +1,6 @@
Version 0.5.1.1:
fixes:
- blocking blob: scheme broke some pages unnecessarily
Version 0.5.1b: Version 0.5.1b:
known issues: known issues: