
fix: safeguard RegExp#exec, #1421

tophf 3 年之前
父节点
当前提交
c54883576e
共有 3 个文件被更改,包括 8 次插入3 次删除
  1. 2 1
      src/injected/web/requests.js
  2. 4 1
      src/injected/web/safe-globals-web.js
  3. 2 1
      src/injected/web/util-web.js

+ 2 - 1
src/injected/web/requests.js

@@ -1,6 +1,7 @@
 import bridge from './bridge';
 
 const idMap = createNullObj();
+const contentTypeRe = setOwnProp(/[,;].*|\s+/g, 'exec', regexpExec);
 
 bridge.addHandlers({
   HttpRequested(msg) {
@@ -36,7 +37,7 @@ function parseData(req, msg) {
   case 'document':
     res = new SafeDOMParser()::parseFromString(res,
       // Cutting everything after , or ; and trimming whitespace
-      /[,;].*|\s+/g::regexpReplace(msg.contentType, '') || 'text/html');
+      contentTypeRe::regexpReplace(msg.contentType, '') || 'text/html');
     break;
   default:
   }
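Review bot: The own `exec` placed on `contentTypeRe` (line 24) shadows only the `exec` lookup that `RegExp.prototype[Symbol.replace]` performs; per the spec the same algorithm also reads the `global`/`unicode` (in newer engines `flags`) accessors through the prototype chain, so a page that redefines those getters on `RegExp.prototype` can still influence the match even with this safeguard — worth confirming against the threat model behind #1421. The declaration would benefit from a why-comment so the next reader knows what the own property defends against, e.g. `// own exec: Symbol.replace looks up this.exec, so a page-patched RegExp.prototype.exec could otherwise hijack regexpReplace`. If the remaining accessors matter, the alternative is a manual loop over `regexpExec` that never enters the native replace at all. The `parseData` function this hunk touches begins and ends outside the hunk.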

+ 4 - 1
src/injected/web/safe-globals-web.js

@@ -64,6 +64,7 @@ export let
   readAsDataURL, // FileReader
   safeResponseBlob, // Response - safe = "safe global" to disambiguate the name
   stopImmediatePropagation,
+  regexpExec, // used by replace() internally
   regexpReplace,
   then,
   // various getters
@@ -81,6 +82,7 @@ export let
 export const VAULT = (() => {
   let ArrayP;
   let ElementP;
+  let RegExpP;
   let SafeObject;
   let StringP;
   let i = -1;
@@ -152,7 +154,8 @@ export const VAULT = (() => {
     readAsDataURL = res[i += 1] || SafeFileReader[PROTO].readAsDataURL,
     safeResponseBlob = res[i += 1] || SafeResponse[PROTO].blob,
     stopImmediatePropagation = res[i += 1] || src.Event[PROTO].stopImmediatePropagation,
-    regexpReplace = res[i += 1] || src.RegExp[PROTO][SafeSymbol.replace],
+    regexpExec = res[i += 1] || (RegExpP = src.RegExp[PROTO]).exec,
+    regexpReplace = res[i += 1] || RegExpP[SafeSymbol.replace],
     then = res[i += 1] || SafePromise[PROTO].then,
     // various getters
     getBlobType = res[i += 1] || describeProperty(src.Blob[PROTO], 'type').get,
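Review bot: `RegExpP` on line 62 is only assigned when the `res` slot for `regexpExec` is falsy, yet line 63 dereferences it whenever the `regexpReplace` slot is falsy; if `res` can ever be partially populated, that line throws on `undefined`. It may be that `res` is always either complete or empty (the `ArrayP`/`ElementP` locals declared alongside suggest this pattern already exists), but the coupling between two comma-separated expressions is easy to break on the next edit — `regexpReplace = res[i += 1] || (RegExpP || src.RegExp[PROTO])[SafeSymbol.replace],` removes the dependency at no cost. Note also that inserting `regexpExec` before `regexpReplace` shifts the positional index of every later `res[i += 1]` entry, so whatever produces `res` (not in this diff) must add its entry at the same position or the fallbacks silently mask a misaligned table. The `VAULT` IIFE starts at line 50 and continues past the end of the hunk.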

+ 2 - 1
src/injected/web/util-web.js

@@ -23,7 +23,8 @@ const escMap = {
   '\t': '\\t',
 };
 // TODO: handle \u2028\u2029 when Chrome's JSON.stringify starts to escape them
-const escRE = /[\\"\u0000-\u001F]/g; // eslint-disable-line no-control-regex
+// eslint-disable-next-line no-control-regex
+const escRE = setOwnProp(/[\\"\u0000-\u001F]/g, 'exec', regexpExec);
 const hex = '0123456789ABCDEF';
 const escCharCode = num => `\\u00${
   hex[num >> 4] // eslint-disable-line no-bitwise
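Review bot: Nothing in the new lines 76–77 says why `escRE` now carries its own `exec`; the eslint directive is the only comment, and the reason lives in another file's one-liner ("used by replace() internally"). A short why-comment here would keep the next maintainer from "simplifying" it back to a bare literal, e.g. `// own exec so a page-overridden RegExp.prototype.exec can't intercept regexpReplace on this regex`. Since `regexpExec` is a `let` export populated inside another module's IIFE, it is also worth confirming that it is already set when this module evaluates — `setOwnProp` would otherwise store `undefined` without any error. The `escCharCode` template on lines 79–80 continues outside the hunk.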