|
|
@@ -394,6 +394,7 @@ const PREFIX_DATA_URI_IMAGE_SVG = "data:image/svg+xml";
|
|
|
const EMPTY_IMAGE = "data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==";
|
|
|
const SCRIPT_TAG_FOUND = /<script/gi;
|
|
|
const NOSCRIPT_TAG_FOUND = /<noscript/gi;
|
|
|
+const CANVAS_TAG_FOUND = /<canvas/gi;
|
|
|
const SHADOW_MODE_ATTRIBUTE_NAME = "shadowmode";
|
|
|
const SHADOW_DELEGATE_FOCUS_ATTRIBUTE_NAME = "delegatesfocus";
|
|
|
const SCRIPT_TEMPLATE_SHADOW_ROOT = "data-template-shadow-root";
|
|
|
@@ -1264,7 +1265,7 @@ class Processor {
|
|
|
const pageData = await frameData.runner.getPageData();
|
|
|
frameElement.removeAttribute(util.WIN_ID_ATTRIBUTE_NAME);
|
|
|
let sandbox = "allow-popups allow-top-navigation allow-top-navigation-by-user-activation";
|
|
|
- if (pageData.content.match(NOSCRIPT_TAG_FOUND) || pageData.content.match(SCRIPT_TAG_FOUND)) {
|
|
|
+ if (pageData.content.match(NOSCRIPT_TAG_FOUND) || pageData.content.match(CANVAS_TAG_FOUND) || pageData.content.match(SCRIPT_TAG_FOUND)) {
|
|
|
sandbox += " allow-scripts allow-same-origin";
|
|
|
}
|
|
|
frameElement.setAttribute("sandbox", sandbox);
|
Gildas