[or-cvs] [https-everywhere/master 8/9] Update HTTPS.js to NoScript 2.0.4.
mikeperry at torproject.org
mikeperry at torproject.org
Thu Nov 11 19:09:52 UTC 2010
Author: Mike Perry <mikeperry-git fscked org>
Date: Thu, 4 Nov 2010 20:39:22 -0700
Subject: Update HTTPS.js to NoScript 2.0.4.
Commit: 1cbfbacd028330773b6bcc1cfdf790856cec49f9
---
src/chrome/content/code/HTTPS.js | 22 +++++++++++++++++-----
1 files changed, 17 insertions(+), 5 deletions(-)
diff --git a/src/chrome/content/code/HTTPS.js b/src/chrome/content/code/HTTPS.js
index a8d4bb9..ef4571f 100644
--- a/src/chrome/content/code/HTTPS.js
+++ b/src/chrome/content/code/HTTPS.js
@@ -42,7 +42,7 @@ const HTTPS = {
HTTPS.log(INFO,
"Got replace channel with no applicable rules for URI "
+ channel.URI.spec);
- return;
+ return false;
}
var c2=channel.QueryInterface(CI.nsIHttpChannel);
@@ -105,19 +105,31 @@ const HTTPS = {
return true;
} catch(e) {
- if (ctx && (ctx instanceof CI.nsIDOMHTMLImageElement || ctx instanceof CI.nsIDOMHTMLInputElement)) {
+ if (ctx &&
+ (ctx instanceof CI.nsIDOMHTMLImageElement
+ || ctx instanceof CI.nsIDOMHTMLInputElement
+ || ctx instanceof CI.nsIObjectLoadingContent)) {
var newuri = HTTPSRules.rewrittenURI(uri);
if (!newuri) {
this.log(WARN, "SHOULD NEVER HAPPEN");
return true; // this should never happen
}
+ var type, attr;
+ if (ctx instanceof CI.nsIObjectLoadingContent) {
+ type = "Object";
+ attr = "data";
+ } else {
+ type = "Image";
+ attr = "src";
+ }
// XXX Isn't this a security flaw? Have to bug Georgio about
// this... the content policy docs claim to require it, but
// it looks like a race condition nightmare.
- Thread.asap(function() { ctx.src = newuri.spec; });
-
- var msg = "Image HTTP->HTTPS redirection to " + newuri.spec;
+ Thread.asap(function() { ctx.setAttribute(attr, newuri.spec); });
+
+ var msg = type + " HTTP->HTTPS redirection to " + newuri.spec;
+
this.log(INFO,msg);
throw msg;
}
--
1.7.1
More information about the tor-commits
mailing list