Index: lib/requestBlocker.js |
=================================================================== |
--- a/lib/requestBlocker.js |
+++ b/lib/requestBlocker.js |
@@ -29,6 +29,8 @@ |
const {port} = require("messaging"); |
const devtools = require("devtools"); |
+const extensionProtocol = new URL(browser.extension.getURL("")).protocol; |
+ |
// Chrome can't distinguish between OBJECT_SUBREQUEST and OBJECT requests. |
if (!browser.webRequest.ResourceType || |
!("OBJECT_SUBREQUEST" in browser.webRequest.ResourceType)) |
@@ -139,23 +141,18 @@ |
url.protocol != "ws:" && url.protocol != "wss:") |
return; |
- let originUrl = null; |
- if (details.originUrl) |
- { |
- originUrl = new URL(details.originUrl); |
+ // Firefox provides us with the full origin URL, while Chromium (>=63) |
+ // provides only the protocol + host of the (top-level) document which |
+ // the request originates from through the "initiator" property. |
+ let originUrl = details.originUrl ? new URL(details.originUrl) : |
+ details.initiator ? new URL(details.initiator) : null; |
- // Firefox (only) allows to intercept requests sent by the browser |
- // and other extensions. We don't want to block these. |
- if (originUrl.protocol == "chrome:" || |
- originUrl.protocol == "moz-extension:") |
- return; |
- } |
- // Fallback to "initiator" on Chrome >=63. It doesn't include the |
- // path (unlike "originUrl" on Firefox), but is still good enough |
- // (in case the tab/frame is unknown) for the $domain filter option |
- // and most document exception rules which only match the domain part. |
- else if (details.initiator) |
- originUrl = new URL(details.initiator); |
+ // Firefox allows to intercept requests sent by all extensions or |
+ // the browser, while Chromium only allows interecepting of requests |
+ // sent by this extension. We don't want to block any of these. |
+ if (originUrl && (originUrl.protocol == extensionProtocol || |
+ originUrl.protocol == "chrome:")) |
+ return; |
let page = null; |
let frame = null; |