Request additional permissions immediately on clicking 'Post from URL' and only then. #2230

This commit is contained in:
ccd0 2019-03-08 15:21:43 -08:00
parent c86fadf0f3
commit 8e22de0ca0
3 changed files with 54 additions and 51 deletions

View File

@ -430,6 +430,7 @@ QR =
handleUrl: (urlDefault) -> handleUrl: (urlDefault) ->
QR.open() QR.open()
QR.selected.preventAutoPost() QR.selected.preventAutoPost()
CrossOrigin.permission ->
url = prompt 'Enter a URL:', urlDefault url = prompt 'Enter a URL:', urlDefault
return if url is null return if url is null
QR.nodes.fileButton.focus() QR.nodes.fileButton.focus()

View File

@ -8,25 +8,19 @@ chrome.runtime.onMessage.addListener (request, sender, sendResponse) ->
chrome.tabs.sendMessage sender.tab.id, {id, data: response} chrome.tabs.sendMessage sender.tab.id, {id, data: response}
handlers = handlers =
ajax: (request, cb) -> permission: (request, cb) ->
if request.responseType is 'arraybuffer'
# Cross-origin image fetching. Need permission.
chrome.permissions.contains chrome.permissions.contains
origins: ['*://*/'] origins: ['*://*/']
, (result) -> , (result) ->
if result if result
ajax request, cb cb()
else else
chrome.permissions.request chrome.permissions.request
origins: ['*://*/'] origins: ['*://*/']
, -> , ->
ajax request, cb cb()
return true
else
# JSON fetching from non-HTTPS archive.
ajax request, cb
ajax = (request, cb) -> ajax: (request, cb) ->
xhr = new XMLHttpRequest() xhr = new XMLHttpRequest()
xhr.open 'GET', request.url, true xhr.open 'GET', request.url, true
xhr.responseType = request.responseType xhr.responseType = request.responseType

View File

@ -131,3 +131,11 @@ CrossOrigin =
else else
failure url failure url
<% } %> <% } %>
permission: (cb) ->
<% if (type === 'crx') { %>
eventPageRequest {type: 'permission'}, -> cb()
<% } %>
<% if (type === 'userscript') { %>
cb()
<% } %>