From b98ef8141a27b1f6509be1af580d8fe11869ae0f Mon Sep 17 00:00:00 2001
From: Raymond Hill <rhill@raymondhill.net>
Date: Wed, 10 Jul 2024 10:09:59 -0400
Subject: [PATCH] Fix CSP injection in non-document resources

Related feedback:
https://github.com/uBlockOrigin/uBlock-issues/issues/229#issuecomment-2220354261
https://old.reddit.com/r/uBlockOrigin/comments/1dz6du7/

Regression from:
https://github.com/gorhill/uBlock/commit/7c3e060c01
---
 src/js/traffic.js | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/js/traffic.js b/src/js/traffic.js
index f28f57fbb..f8e98b898 100644
--- a/src/js/traffic.js
+++ b/src/js/traffic.js
@@ -945,6 +945,10 @@ const bodyFilterer = (( ) => {
 /******************************************************************************/
 
 const injectCSP = function(fctxt, pageStore, responseHeaders) {
+    // https://github.com/uBlockOrigin/uBlock-issues/issues/229#issuecomment-2220354261
+    // Inject CSP in document resource only
+    if ( fctxt.isDocument() === false ) { return; }
+
     const cspSubsets = [];
     const requestType = fctxt.type;