Revision 3d0efa15
Added by koszko about 2 years ago
| content/main.js | ||
|---|---|---|
| 84 | 84 |
|
| 85 | 85 |
function inject_csp(head) |
| 86 | 86 |
{
|
| 87 |
console.log('injecting CSP');
|
|
| 88 |
|
|
| 89 | 87 |
let meta = document.createElement("meta");
|
| 90 | 88 |
meta.setAttribute("http-equiv", "Content-Security-Policy");
|
| 91 | 89 |
meta.setAttribute("content", csp_rule(nonce));
|
| ... | ... | |
| 102 | 100 |
const matches = [...document.cookie.matchAll(/hachette-(\w*)=([^;]*)/g)]; |
| 103 | 101 |
let [policy, signature] = matches.reduce(reductor, []); |
| 104 | 102 |
|
| 105 |
console.log("extracted policy", [signature, policy]);
|
|
| 106 | 103 |
if (!policy || policy.url !== document.URL) {
|
| 107 |
console.log("using default policy");
|
|
| 104 |
console.log("WARNING! Using default policy!!!");
|
|
| 108 | 105 |
policy = {allow: false, nonce: gen_nonce()};
|
| 109 | 106 |
} |
| 110 | 107 |
|
Also available in: Unified diff
remove unneeded policy-related cosole messages; restore IceCat 60 compatibility