From 43761f2799ac5f523badc315ed473e9106aa3a73 Mon Sep 17 00:00:00 2001
From: Feross Aboukhadijeh <feross@feross.org>
Date: Tue, 10 Jan 2017 22:17:09 -0800
Subject: [PATCH] Avoid xhr request to example.com if fetch is supported

For: https://github.com/brave/browser-laptop/issues/5981
---
 lib/capability.js | 43 +++++++++++++++++++++++++++++++------------
 1 file changed, 31 insertions(+), 12 deletions(-)

diff --git a/lib/capability.js b/lib/capability.js
index e71b40a..00dfe76 100644
--- a/lib/capability.js
+++ b/lib/capability.js
@@ -6,21 +6,33 @@ try {
 	exports.blobConstructor = true
 } catch (e) {}
 
-// Service workers don't have XHR
-var xhr = null
-if (global.XMLHttpRequest) {
-	xhr = new global.XMLHttpRequest()
-	// If XDomainRequest is available (ie only, where xhr might not work
-	// cross domain), use the page location. Otherwise use example.com
-	// Note: this doesn't actually make an http request.
-	try {
-		xhr.open('GET', global.XDomainRequest ? '/' : 'https://example.com')
-	} catch(e) {
+// The xhr request to example.com may violate some restrictive CSP configurations,
+// so if we're running in a browser that supports `fetch`, avoid calling getXHR()
+// and assume support for certain features below.
+var xhr
+function getXHR () {
+	// Cache the xhr value
+	if (xhr !== undefined) return xhr
+
+	if (global.XMLHttpRequest) {
+		xhr = new global.XMLHttpRequest()
+		// If XDomainRequest is available (ie only, where xhr might not work
+		// cross domain), use the page location. Otherwise use example.com
+		// Note: this doesn't actually make an http request.
+		try {
+			xhr.open('GET', global.XDomainRequest ? '/' : 'https://example.com')
+		} catch(e) {
+			xhr = null
+		}
+	} else {
+		// Service workers don't have XHR
 		xhr = null
 	}
+	return xhr
 }
 
 function checkTypeSupport (type) {
+	var xhr = getXHR()
 	if (!xhr) return false
 	try {
 		xhr.responseType = type
@@ -34,13 +46,20 @@ function checkTypeSupport (type) {
 var haveArrayBuffer = typeof global.ArrayBuffer !== 'undefined'
 var haveSlice = haveArrayBuffer && isFunction(global.ArrayBuffer.prototype.slice)
 
-exports.arraybuffer = haveArrayBuffer && checkTypeSupport('arraybuffer')
+// If fetch is supported, then arraybuffer will be supported too. Skip calling
+// checkTypeSupport(), since that calls getXHR().
+exports.arraybuffer = exports.fetch || (haveArrayBuffer && checkTypeSupport('arraybuffer'))
+
 // These next two tests unavoidably show warnings in Chrome. Since fetch will always
 // be used if it's available, just return false for these to avoid the warnings.
 exports.msstream = !exports.fetch && haveSlice && checkTypeSupport('ms-stream')
 exports.mozchunkedarraybuffer = !exports.fetch && haveArrayBuffer &&
 	checkTypeSupport('moz-chunked-arraybuffer')
-exports.overrideMimeType = xhr ? isFunction(xhr.overrideMimeType) : false
+
+// If fetch is supported, then overrideMimeType will be supported too. Skip calling
+// getXHR().
+exports.overrideMimeType = exports.fetch || (getXHR() ? isFunction(getXHR().overrideMimeType) : false)
+
 exports.vbArray = isFunction(global.VBArray)
 
 function isFunction (value) {