mirror of
https://github.com/bitwarden/browser.git
synced 2024-11-25 12:15:18 +01:00
[PM-4791] Injected content scripts prevent proper XML file display and disrupt XML responses (#8214)
* [PM-4791] Injected content scripts prevent proper XML file display and disrupt XML responses * [PM-4791] Adjsuting reference for Fido2 script injection to ensure it only triggers on https protocol types
This commit is contained in:
parent
7df9c597af
commit
905d177873
@ -18,23 +18,24 @@
|
||||
{
|
||||
"all_frames": false,
|
||||
"js": ["content/content-message-handler.js"],
|
||||
"matches": ["http://*/*", "https://*/*", "file:///*"],
|
||||
"matches": ["*://*/*", "file:///*"],
|
||||
"exclude_matches": ["*://*/*.xml*", "file:///*.xml*"],
|
||||
"run_at": "document_start"
|
||||
},
|
||||
{
|
||||
"all_frames": true,
|
||||
"js": [
|
||||
"content/trigger-autofill-script-injection.js",
|
||||
"content/fido2/trigger-fido2-content-script-injection.js"
|
||||
],
|
||||
"matches": ["http://*/*", "https://*/*", "file:///*"],
|
||||
"js": ["content/fido2/trigger-fido2-content-script-injection.js"],
|
||||
"matches": ["https://*/*"],
|
||||
"exclude_matches": ["https://*/*.xml*"],
|
||||
"run_at": "document_start"
|
||||
},
|
||||
{
|
||||
"all_frames": true,
|
||||
"css": ["content/autofill.css"],
|
||||
"matches": ["http://*/*", "https://*/*", "file:///*"],
|
||||
"run_at": "document_end"
|
||||
"js": ["content/trigger-autofill-script-injection.js"],
|
||||
"matches": ["*://*/*", "file:///*"],
|
||||
"exclude_matches": ["*://*/*.xml*", "file:///*.xml*"],
|
||||
"run_at": "document_start"
|
||||
},
|
||||
{
|
||||
"all_frames": false,
|
||||
@ -57,6 +58,7 @@
|
||||
},
|
||||
"permissions": [
|
||||
"<all_urls>",
|
||||
"*://*/*",
|
||||
"tabs",
|
||||
"contextMenus",
|
||||
"storage",
|
||||
@ -64,8 +66,6 @@
|
||||
"clipboardRead",
|
||||
"clipboardWrite",
|
||||
"idle",
|
||||
"http://*/*",
|
||||
"https://*/*",
|
||||
"webRequest",
|
||||
"webRequestBlocking"
|
||||
],
|
||||
|
@ -19,16 +19,23 @@
|
||||
{
|
||||
"all_frames": false,
|
||||
"js": ["content/content-message-handler.js"],
|
||||
"matches": ["http://*/*", "https://*/*", "file:///*"],
|
||||
"matches": ["*://*/*", "file:///*"],
|
||||
"exclude_matches": ["*://*/*.xml*", "file:///*.xml*"],
|
||||
"run_at": "document_start"
|
||||
},
|
||||
{
|
||||
"all_frames": true,
|
||||
"js": [
|
||||
"content/trigger-autofill-script-injection.js",
|
||||
"content/fido2/trigger-fido2-content-script-injection.js"
|
||||
],
|
||||
"matches": ["http://*/*", "https://*/*", "file:///*"],
|
||||
"js": ["content/fido2/trigger-fido2-content-script-injection.js"],
|
||||
"matches": ["https://*/*"],
|
||||
"exclude_matches": ["https://*/*.xml*"],
|
||||
"run_at": "document_start"
|
||||
},
|
||||
{
|
||||
"all_frames": true,
|
||||
"css": ["content/autofill.css"],
|
||||
"js": ["content/trigger-autofill-script-injection.js", "content/misc-utils.js"],
|
||||
"matches": ["*://*/*", "file:///*"],
|
||||
"exclude_matches": ["*://*/*.xml*", "file:///*.xml*"],
|
||||
"run_at": "document_start"
|
||||
},
|
||||
{
|
||||
@ -36,18 +43,6 @@
|
||||
"js": ["content/lp-fileless-importer.js"],
|
||||
"matches": ["https://lastpass.com/export.php"],
|
||||
"run_at": "document_start"
|
||||
},
|
||||
{
|
||||
"all_frames": true,
|
||||
"css": ["content/autofill.css"],
|
||||
"matches": ["http://*/*", "https://*/*", "file:///*"],
|
||||
"run_at": "document_end"
|
||||
},
|
||||
{
|
||||
"all_frames": true,
|
||||
"js": ["content/misc-utils.js"],
|
||||
"matches": ["http://*/*", "https://*/*", "file:///*"],
|
||||
"run_at": "document_end"
|
||||
}
|
||||
],
|
||||
"background": {
|
||||
@ -76,7 +71,7 @@
|
||||
"offscreen"
|
||||
],
|
||||
"optional_permissions": ["nativeMessaging", "privacy"],
|
||||
"host_permissions": ["http://*/*", "https://*/*"],
|
||||
"host_permissions": ["*://*/*"],
|
||||
"content_security_policy": {
|
||||
"extension_pages": "script-src 'self' 'wasm-unsafe-eval'; object-src 'self'",
|
||||
"sandbox": "sandbox allow-scripts; script-src 'self'"
|
||||
|
@ -138,6 +138,7 @@ async function run() {
|
||||
});
|
||||
}
|
||||
|
||||
// FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
|
||||
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
||||
run();
|
||||
// Only run the script if the document is an HTML document
|
||||
if (document.contentType === "text/html") {
|
||||
void run();
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user