mirror of
https://github.com/kkapsner/CanvasBlocker
synced 2025-07-04 12:36:37 +02:00
Optimized CSP
This commit is contained in:
kkapsner
parent
ab114f419c
commit
942d74ce54
2 changed files with 25 additions and 3 deletions
|
|
@ -15,6 +15,27 @@
|
|||
|
||||
const logging = require("./logging");
|
||||
const settings = require("./settings");
|
||||
let canMergeHeader = false;
|
||||
browser.runtime.getBrowserInfo().then(function(info){
|
||||
canMergeHeader = parseInt(info.version.replace(/\..+/, ""), 10) > 59;
|
||||
});
|
||||
function setHeader(headers, header){
|
||||
if (canMergeHeader){
|
||||
headers.push(header);
|
||||
}
|
||||
else {
|
||||
const headerName = header.name.toLowerCase();
|
||||
const presentHeader = headers.filter(function(h){
|
||||
return h.name.toLowerCase() === headerName;
|
||||
});
|
||||
if (presentHeader.length){
|
||||
presentHeader[0].value += ", " + header.value;
|
||||
}
|
||||
else {
|
||||
headers.push(header);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
scope.init = function(){
|
||||
const cspMatch = "blob: filesystem: *";
|
||||
|
|
@ -23,9 +44,10 @@
|
|||
const headers = details.responseHeaders;
|
||||
if (settings.blockDataURLs){
|
||||
logging.verbose("Adding CSP header to", details);
|
||||
headers.push({
|
||||
setHeader(headers, {
|
||||
name: "Content-Security-Policy",
|
||||
value: `object-src ${cspMatch}; frame-src ${cspMatch}; worker-src ${cspMatch}`
|
||||
value: `object-src ${cspMatch}; frame-src ${cspMatch}; worker-src ${cspMatch}; child-src ${cspMatch}` +
|
||||
"report-to https://canvasblocker.invalid/; report-uri https://canvasblocker.invalid/"
|
||||
});
|
||||
}
|
||||
return {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue