mirror of
https://github.com/gorhill/uBlock.git
synced 2024-11-10 09:07:54 +01:00
fix #1909
This commit is contained in:
parent
d1413bef69
commit
46a87a649b
1 changed files with 7 additions and 1 deletions
|
@ -611,7 +611,13 @@ var foilInlineScripts = function(headers) {
|
|||
// Since we are modifying an existing CSP header, we need to strip out
|
||||
// 'report-uri' if it is present, to prevent spurious reporting of CSP
|
||||
// violation, and thus the leakage of information to the remote site.
|
||||
csp = csp.replace(reScriptsrc, '') + scriptsrc.replace(reUnsafeinline, '');
|
||||
csp = csp.replace(reScriptsrc, '').trim();
|
||||
// https://github.com/gorhill/uBlock/issues/1909
|
||||
// Add missing `;` if needed.
|
||||
if ( csp !== '' && csp.slice(-1) !== ';' ) {
|
||||
csp += '; ';
|
||||
}
|
||||
csp += scriptsrc.replace(reUnsafeinline, '').trim();
|
||||
headers.push({
|
||||
'name': 'Content-Security-Policy',
|
||||
'value': csp.replace(reReporturi, '')
|
||||
|
|
Loading…
Reference in a new issue