Ticket #93 (closed defect: fixed)
Rules with $url.scheme=='chrome' are ignored
| Reported by: | esquifit@… | Owned by: | t-bone |
|---|---|---|---|
| Priority: | major | Component: | Karma Blocker |
| Version: | 0.2.1 | Severity: | Broken |
| Keywords: | chrome | Cc: |
Description (last modified by t-bone) (diff)
Rules with $url.scheme=='chrome' are not taken into account. As a consequence the security feature of blocking chrome access to web pages does not work at all.
The reason is a bug in the source code of kabl-policy.js, namely a reference to a non-existing object 'originLocation' is being used instead of 'requestOrigin'. Diff follows:
--- kabl-policy.js_orig 2007-06-28 10:58:20.000000000 +0200
+++ kabl-policy.js 2007-11-10 01:51:42.229006400 +0100
@@ -204,7 +204,7 @@
// if it is chrome, and so is the origin, let it through
if (contentLocation.schemeIs('chrome') &&
- originLocation.schemeIs('chrome')
+ requestOrigin.schemeIs('chrome')
) {
return this.ACCEPT;
}
Attachments
Change History
Note: See
TracTickets for help on using
tickets.