summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/lib/CSP.js10
1 files changed, 5 insertions, 5 deletions
diff --git a/src/lib/CSP.js b/src/lib/CSP.js
index 79590bc..666f4a1 100644
--- a/src/lib/CSP.js
+++ b/src/lib/CSP.js
@@ -1,23 +1,23 @@
"use strict";
class CSP {
-
+
build(...directives) {
return directives.join(';');
}
-
+
buildBlocker(...types) {
return this.build(...(types.map(type => `${type.name || type}-src ${type.value || "'none'"}`)));
}
-
+
blocks(header, type) {
return `;${header};`.includes(`;${type}-src 'none';`)
}
-
+
asHeader(value) {
return {name: CSP.headerName, value};
}
}
-CSP.isEmbedType = type => /\b(?:application|video|audio)\b/.test(type);
+CSP.isEmbedType = type => /\b(?:application|video|audio)\b/.test(type) && type !== "application/xhtml+xml";
CSP.headerName = "content-security-policy";