From 833eb2eefe19dc2ebc10762ed2eb38c40be3d7ef Mon Sep 17 00:00:00 2001
From: David Hurrell <git@huz.org.uk>
Date: Mon, 14 Dec 2015 13:13:20 +0000
Subject: [PATCH] Strip out Express typeof check from JSONP

Express server adds a 'typeof' check to JSONP responses to reduce client
error noise (and an empty comment for security). See:
https://github.com/strongloop/express/blob/4.13.3/lib/response.js#L312-L314

Strip this out before checking whether or not the response is JSONP.
---
 extension/js/background.js | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/extension/js/background.js b/extension/js/background.js
index c5b223a..b698c59 100644
--- a/extension/js/background.js
+++ b/extension/js/background.js
@@ -121,6 +121,10 @@
       return str.join('').slice(2, -2);
     }
 
+    function removeTypeofGuard(s) {
+      return s.replace(/^typeof \S+ === 'function' && /, '');
+    }
+
     function firstJSONCharIndex(s) {
       var arrayIdx = s.indexOf('['),
           objIdx = s.indexOf('{'),
@@ -434,6 +438,7 @@
                 
                 // Get the substring up to the first "(", with any comments/whitespace stripped out
                   var firstBit = removeComments( text.substring(0,indexOfParen) ).trim() ;
+                  firstBit = removeTypeofGuard(firstBit);
                   if ( ! firstBit.match(/^[a-zA-Z_$][\.\[\]'"0-9a-zA-Z_$]*$/) ) {
                     // The 'firstBit' is NOT a valid function identifier.
                     port.postMessage(['NOT JSON', 'first bit not a valid function name']) ;