diff options
| author | William Chong <williamchong007@msn.com> | 2017-12-05 19:25:35 +0800 |
|---|---|---|
| committer | William Chong <williamchong007@msn.com> | 2017-12-05 19:53:01 +0800 |
| commit | 03f86acd60655cf73a8f52dbe503df71e9d2b718 (patch) | |
| tree | 00abe1f52c0008f30dc773926784e45129764c6c /app | |
| parent | c30b543a8069c3925bb254716699752e38eaf97a (diff) | |
| download | tangerine-wallet-browser-03f86acd60655cf73a8f52dbe503df71e9d2b718.tar tangerine-wallet-browser-03f86acd60655cf73a8f52dbe503df71e9d2b718.tar.gz tangerine-wallet-browser-03f86acd60655cf73a8f52dbe503df71e9d2b718.tar.bz2 tangerine-wallet-browser-03f86acd60655cf73a8f52dbe503df71e9d2b718.tar.lz tangerine-wallet-browser-03f86acd60655cf73a8f52dbe503df71e9d2b718.tar.xz tangerine-wallet-browser-03f86acd60655cf73a8f52dbe503df71e9d2b718.tar.zst tangerine-wallet-browser-03f86acd60655cf73a8f52dbe503df71e9d2b718.zip | |
fix #1398, prevent injecting xml without xml suffix
Diffstat (limited to 'app')
| -rw-r--r-- | app/scripts/contentscript.js | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/app/scripts/contentscript.js b/app/scripts/contentscript.js index ffbbc73cc..2ed7c87b6 100644 --- a/app/scripts/contentscript.js +++ b/app/scripts/contentscript.js @@ -96,7 +96,7 @@ function logStreamDisconnectWarning (remoteLabel, err) { } function shouldInjectWeb3 () { - return doctypeCheck() || suffixCheck() + return doctypeCheck() && suffixCheck() && documentElementCheck() } function doctypeCheck () { @@ -104,7 +104,7 @@ function doctypeCheck () { if (doctype) { return doctype.name === 'html' } else { - return false + return true } } @@ -121,6 +121,14 @@ function suffixCheck () { return true } +function documentElementCheck () { + var documentElement = document.documentElement.nodeName + if (documentElement) { + return documentElement.toLowerCase() === 'html' + } + return true +} + function redirectToPhishingWarning () { console.log('MetaMask - redirecting to phishing warning') window.location.href = 'https://metamask.io/phishing.html' |