Code: Select all
return '^' + p.replace(/^([^\/:]+:\/*)\*/, "$1[^/]*").replace(/\*/g, '.*?');URIPatternList.parse mishandles * in domain
-
mattmccutchen
- Posts: 9
- Joined: Mon Mar 23, 2009 12:26 am
URIPatternList.parse mishandles * in domain
IIUC, the following line of noscriptService.js is responsible for * in force-HTTPS glob patterns:
The first replacement appears to make the * in *.mattmccutchen.net not match slashes. But this doesn't work, because its output is affected by the second replacement. E.g., with *.mattmccutchen.net in the force-HTTPS list, http://a/.mattmccutchen.net is forced to HTTPS. Reversing the order of the replacements should fix the problem.
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.7) Gecko/2009030503 Fedora/3.0.7-1.fc10 Firefox/3.0.7
-
Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: URIPatternList.parse mishandles * in domain
Ouch!
Changed into
(notice the extra dot being elided).
Fixed in latest development build, thanks.
It's not enough, actually.Reversing the order of the replacements should fix the problem.
Changed into
Code: Select all
return '^' + p.replace(/\*/g, '.*?').replace(/^([^\/:]+:\/*)\.\*/, "$1[^/]*");
Fixed in latest development build, thanks.
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.0.7) Gecko/2009021910 Firefox/3.0.7 (.NET CLR 3.5.30729)
-
GµårÐïåñ
- Lieutenant Colonel
- Posts: 3365
- Joined: Fri Mar 20, 2009 5:19 am
- Location: PST - USA
- Contact:
Re: URIPatternList.parse mishandles * in domain
I had missed this, wow such a subtle but incredible difference. Sweet.
~.:[ Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k ]:.~
________________ .: [ Major Mike's ] :. ________________
________________ .: [ Major Mike's ] :. ________________
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8 NoScript/1.9.1.7 FlashGot/1.1.8.5 FirePHP/0.2.4