summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorhackademix2018-12-05 09:35:42 +0100
committerhackademix2018-12-05 10:10:26 +0100
commitc94cd48752485bc2abc207c590aa8afce4d3b240 (patch)
tree1c20859428268bd4df4b39b92dc0f3397035fa49 /src
parent68d0cd056862131f255c1a362a3c6b3ec24c6625 (diff)
downloadnoscript-c94cd48752485bc2abc207c590aa8afce4d3b240.tar.gz
noscript-c94cd48752485bc2abc207c590aa8afce4d3b240.tar.xz
noscript-c94cd48752485bc2abc207c590aa8afce4d3b240.zip
Fixed placeholders missing for some blocked embeddings (Tor ticket #28720).
Diffstat (limited to 'src')
-rw-r--r--src/lib/CSP.js10
1 files changed, 5 insertions, 5 deletions
diff --git a/src/lib/CSP.js b/src/lib/CSP.js
index 79590bc..666f4a1 100644
--- a/src/lib/CSP.js
+++ b/src/lib/CSP.js
@@ -1,23 +1,23 @@
"use strict";
class CSP {
-
+
build(...directives) {
return directives.join(';');
}
-
+
buildBlocker(...types) {
return this.build(...(types.map(type => `${type.name || type}-src ${type.value || "'none'"}`)));
}
-
+
blocks(header, type) {
return `;${header};`.includes(`;${type}-src 'none';`)
}
-
+
asHeader(value) {
return {name: CSP.headerName, value};
}
}
-CSP.isEmbedType = type => /\b(?:application|video|audio)\b/.test(type);
+CSP.isEmbedType = type => /\b(?:application|video|audio)\b/.test(type) && type !== "application/xhtml+xml";
CSP.headerName = "content-security-policy";