Skip to content
Snippets Groups Projects
Commit f5f0154c authored by Thomas Rientjes's avatar Thomas Rientjes
Browse files

Adjust domain tainting mechanism

parent 7d8eee86
No related branches found
No related tags found
No related merge requests found
......@@ -28,7 +28,7 @@ var { Cc, Ci, Cr } = require('chrome');
var simplePreferences = require('sdk/simple-prefs');
/**
* Retains data across Firefox restarts.
* Retains data across application restarts.
* @var {object} simpleStorage
*/
var simpleStorage = require('sdk/simple-storage');
......
......@@ -30,7 +30,7 @@ var xpcom = require('sdk/platform/xpcom');
var mappings = require('./mappings');
/**
* Retains data across Firefox restarts.
* Retains data across application restarts.
* @var {object} simpleStorage
*/
var simpleStorage = require('sdk/simple-storage');
......@@ -45,7 +45,6 @@ var categoryManager = Cc['@mozilla.org/categorymanager;1']
const CONTRACT_ID = '@decentraleyes.org/load-watcher;1';
const SCRIPT_CONTENT_TYPE = Ci.nsIContentPolicy.TYPE_SCRIPT;
const HTML_DOCUMENT = Ci.nsIDOMHTMLDocument;
const SCRIPT_ELEMENT = Ci.nsIDOMHTMLScriptElement;
const REQUEST_ACCEPTATION = Ci.nsIContentPolicy.ACCEPT;
......@@ -55,11 +54,21 @@ const REQUEST_ACCEPTATION = Ci.nsIContentPolicy.ACCEPT;
var storage = simpleStorage.storage;
/**
* Tainted domains that are not automatically detectable.
* @var {object} undetectableTaintedDomains
*/
var undetectableTaintedDomains = {
'passport.twitch.tv': true,
'minigames.mail.ru': true
};
/**
* Initializations
*/
storage.taintedDomains = storage.taintedDomains || {};
storage.taintedDomains = storage.taintedDomains || undetectableTaintedDomains;
/**
* Load Watcher Class
......@@ -69,7 +78,9 @@ var LoadWatcher = new Class({
extends: Unknown,
interfaces: ['nsIContentPolicy'],
get wrappedJSObject() { return this },
get wrappedJSObject() {
return this
},
register: function () {
......@@ -88,17 +99,6 @@ var LoadWatcher = new Class({
// Add corresponding origin domain to the list of tainted domains.
storage.taintedDomains[requestOrigin.host] = true;
}
} else if (node instanceof HTML_DOCUMENT) {
if (node.defaultView && node.defaultView.frameElement) {
if (node.defaultView.frameElement.tagName === 'IFRAME') {
// Add corresponding origin domain to the list of tainted domains.
storage.taintedDomains[requestOrigin.host] = true;
}
}
}
}
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment