From 1ed8213ebe97f7a28626711e665c0be20cb4ec8a Mon Sep 17 00:00:00 2001 From: Emil Lerch Date: Sat, 25 Apr 2020 14:14:29 -0700 Subject: [PATCH] handle image only when login is clicked, avoiding exra load and mixed content --- index.js | 37 ++++++++++++++++++++++++------------- 1 file changed, 24 insertions(+), 13 deletions(-) diff --git a/index.js b/index.js index daf15dc..61a76bf 100644 --- a/index.js +++ b/index.js @@ -41,23 +41,34 @@ async function modifyBody(pageContentTextPromise, originalResponse) { `
${await pageContentResponse.text()} - - -
`); responseBodyText = responseBodyText.replace(initialloadJs, ''); - responseBodyText = responseBodyText.replace(login, - `location.href = 'https://tmweb.troopmaster.com/Login/Index?website'`); // eslint-disable-line no-undef + responseBodyText = responseBodyText.replace(login, ` + var image = new Image(1, 1); + image.style.cssText = "opacity:0"; + document.body.appendChild(image); + + // listen for the image's error event before assigning a source + // We use error here because content policy will block loading an + // http resource. Why is it http? Because troopmaster redirects + // our nice clean https to http (then if this were a real request, + // would happily redirect **BACK** to https via client side JS + image.addEventListener('error', function() { + // this function is invoked in the future, + // when the image load event has been fired (and cookies extablished + location.href = 'https://tmweb.troopmaster.com/Login/Index?website'; + }); + // in case troopmaster fixes this bizarre behavior, we will set up + // a load function too + image.addEventListener('load', function() { + // this function is invoked in the future, + // when the image load event has been fired (and cookies extablished + location.href = 'https://tmweb.troopmaster.com/Login/Index?website'; + }); + // Set src and trigger the browser to load + image.src = "https://tmweb.troopmaster.com/mysite/${TMSITENAME}?Home"`); // eslint-disable-line no-undef extraheaders['X-worker-modification-status'] = 'modified'; extraheaders['X-worker-modification-getcontent-ok'] = 'true';