filippodb/LocalCDN-Firefox-Chrome-Brave
1
0
Fork 0
mirror of https://codeberg.org/nobody/LocalCDN.git synced 2025-01-10 17:23:18 +01:00
Code Issues Projects Releases Wiki Activity

Improved: Only remove metadata if origin is not on allowed list (#179)

Browse Source
This commit is contained in:
nobody 2020-11-21 07:01:46 +01:00
parent fdd3945024
commit de4b23a129
No known key found for this signature in database
GPG Key ID: 8F6DE3D614FCFD7A
1 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
core/request-sanitizer.js
View File

@ -46,11 +46,19 @@ requestSanitizer.disable = function () {
*/
requestSanitizer._stripMetadata = function (requestDetails) {
let sensitiveHeaders, initiatorDomain, allowlistedDomains;
let sensitiveHeaders = [Header.COOKIE, Header.ORIGIN, Header.REFERER];
sensitiveHeaders = [Header.COOKIE, Header.ORIGIN, Header.REFERER];
initiatorDomain = helpers.extractDomainFromUrl(requestDetails.originUrl, true);
allowlistedDomains = stateManager._domainIsListed(initiatorDomain);
if (allowlistedDomains) {
return {
[WebRequest.HEADERS]: requestDetails.requestHeaders,
};
}
for (let i = 0; i < requestDetails.requestHeaders.length; ++i) {
if (sensitiveHeaders.indexOf(requestDetails.requestHeaders[i].name) > -1) {
requestDetails.requestHeaders.splice(i--, 1);
}