From e942bb98325d0a4fdb79cdc75782f065c0289d70 Mon Sep 17 00:00:00 2001
From: Yuchen Pei <id@ypei.org>
Date: Sun, 10 Sep 2023 12:02:37 +1000
Subject: Fixing bypassing Function("...").

It is similar to eval(). See,
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Function/Function

As a prior art, another extension did the blank ban of Function():
https://addons.mozilla.org/en-US/firefox/addon/noeval-disable-eval/

So let's ban it as well.

Bug reported at
https://lists.gnu.org/archive/html/bug-librejs/2023-09/msg00000.html
---
 common/fname_data.json | 2 +-
 manifest.json          | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/common/fname_data.json b/common/fname_data.json
index 5606007..38652d6 100644
--- a/common/fname_data.json
+++ b/common/fname_data.json
@@ -714,7 +714,7 @@
 		"RadioNodeList": true,
 		"KeyframeEffectReadOnly": true,
 		"InstallTrigger": true,
-		"Function": false,
+		"Function": true,
 		"Object": false,
 		"eval": true,
 		"Window": false,
diff --git a/manifest.json b/manifest.json
index 2a7a5f1..73bc918 100644
--- a/manifest.json
+++ b/manifest.json
@@ -2,7 +2,7 @@
   "manifest_version": 2,
   "name": "GNU LibreJS",
   "short_name": "LibreJS",
-  "version": "7.21.0",
+  "version": "7.21.1",
   "author": "various",
   "description": "Only allows free and/or trivial Javascript to run.",
   "applications": {
-- 
cgit v1.2.3