Revision cd5272ac
Added by koszko about 2 years ago
| background/policy_injector.js | ||
|---|---|---|
| 14 | 14 |
* IMPORT gen_unique |
| 15 | 15 |
* IMPORT url_item |
| 16 | 16 |
* IMPORT get_query_best |
| 17 |
* IMPORT csp_rule |
|
| 17 | 18 |
* IMPORTS_END |
| 18 | 19 |
*/ |
| 19 | 20 |
|
| ... | ... | |
| 40 | 41 |
if (settings !== undefined && settings.allow) |
| 41 | 42 |
return {cancel : false};
|
| 42 | 43 |
|
| 43 |
let nonce = gen_unique(url).substring(1);
|
|
| 44 |
let nonce = gen_unique(url); |
|
| 44 | 45 |
let headers = details.responseHeaders.filter(is_noncsp_header); |
| 45 | 46 |
|
| 46 |
let rule = `script-src 'nonce-${nonce}';`;
|
|
| 47 |
if (is_chrome) |
|
| 48 |
rule += `script-src-elem 'nonce-${nonce}';`;
|
|
| 49 |
|
|
| 50 | 47 |
headers.push({
|
| 51 | 48 |
name : "content-security-policy", |
| 52 |
value : rule
|
|
| 49 |
value : csp_rule(nonce)
|
|
| 53 | 50 |
}); |
| 54 | 51 |
|
| 55 | 52 |
return {responseHeaders: headers};
|
Also available in: Unified diff
refactor 3 miscellaneous fnctionalities to a their single own file