Revision 44e89d8e
Added by koszko almost 2 years ago
background/stream_filter.js | ||
---|---|---|
12 | 12 |
/* |
13 | 13 |
* IMPORTS_START |
14 | 14 |
* IMPORT browser |
15 |
* IMPORT is_csp_header_name
|
|
15 |
* IMPORT csp_header_regex
|
|
16 | 16 |
* IMPORTS_END |
17 | 17 |
*/ |
18 | 18 |
|
... | ... | |
116 | 116 |
const doc = new DOMParser().parseFromString(html, "text/html"); |
117 | 117 |
|
118 | 118 |
for (const meta of doc.querySelectorAll("head>meta[http-equiv]")) { |
119 |
if (is_csp_header_name(meta.getAttribute("http-equiv"), true) && |
|
120 |
meta.content) |
|
119 |
if (csp_header_regex.test(meta.httpEquiv) && meta.content) |
|
121 | 120 |
return true; |
122 | 121 |
} |
123 | 122 |
|
Also available in: Unified diff
simplify CSP handling
All page's CSP rules are now removed when a payload is to be injected. When there is no payload, CSP rules are not modified but only supplemented with Hachette's own.