Fix: Content script fetch requests result in XSRF cross-origin forger…

…y failure #42 Chore: Firefox manifest changes
Xzensi · Jun 6, 2024 · f314ae2 · f314ae2
1 parent db24bc5
commit f314ae2
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 4 deletions.
diff --git a/manifest-firefox-v2.json b/manifest-firefox-v2.json
@@ -3,12 +3,16 @@
  "name": "NipahTV",
  "short_name": "NTV",
  "author": "Xzensi",
- "description": "A Better Kick and 7TV Emote Integration for Kick.",
+ "homepage_url": "https://nipahtv.com",
+ "description": "Transform your chat experience on Kick with new features, emotes and performance improvements.",
  "version": "{{VERSION}}",
  "icons": {
- "48": "assets/img/icons/border-48.png"
+ "16": "assets/img/NTV_icon_16.png",
+ "48": "assets/img/NTV_icon_48.png",
+ "96": "assets/img/NTV_icon_96.png",
+ "128": "assets/img/NTV_icon_128.png"
  },
- "permissions": ["https://7tv.io/*"],
+ "permissions": ["https://kick.com/*", "https://7tv.io/*"],
  "background": {
  "scripts": ["service-worker.js"],
  "persistent": false,
@@ -21,7 +25,7 @@
  "css": ["style.min.css"]
  }
  ],
- "web_accessible_resources": ["assets/*.png", "assets/btn/*.png"],
+ "web_accessible_resources": ["assets/img/*.png", "assets/btn/*.png"],
  "browser_specific_settings": {
  "gecko": {
  "id": "{69696969-6969-6969-6969-696969696969}"

diff --git a/src/NetworkInterfaces/KickNetworkInterface.ts b/src/NetworkInterfaces/KickNetworkInterface.ts
@@ -88,6 +88,7 @@ export class KickNetworkInterface extends AbstractNetworkInterface {
  const responseChannelMeData = await REST.get(`https://kick.com/api/v2/channels/${channelName}/me`).catch(
  () => {}
  )
+
  if (responseChannelMeData) {
  Object.assign(channelData, {
  me: {

diff --git a/src/UserInterface/KickUserInterface.ts b/src/UserInterface/KickUserInterface.ts
@@ -164,6 +164,7 @@ export class KickUserInterface extends AbstractUserInterface {
 
  // TODO move methods like this to super class. this.elm.textfield event can be in contentEditableEditor
  async loadEmoteMenu() {
+ if (!this.session.channelData.me.is_logged_in) return
  if (!this.elm.textField) return error('Text field not loaded for emote menu')
 
  const container = this.elm.textField.parentElement!.parentElement!
@@ -448,6 +449,7 @@ export class KickUserInterface extends AbstractUserInterface {
  loadReplyBehaviour() {
  const { inputController } = this
  const { channelData } = this.session
+ if (!channelData.me.is_logged_in) return
  if (!inputController) return error('Input controller not loaded for reply behaviour')
 
  const chatMessagesContainerEl = this.elm.chatMessagesContainer

diff --git a/src/utils.ts b/src/utils.ts
@@ -68,6 +68,7 @@ export class REST {
  const urlDomain = new URL(url as string).host.split('.').slice(-2).join('.')
  if (currentDomain === urlDomain) {
  options.credentials = 'include'
+ options.referrer = window.location.origin + window.location.pathname
 
  const XSRFToken = getCookie('XSRF')
  if (XSRFToken) {