summaryrefslogtreecommitdiff
path: root/src/bg/ReportingCSP.js
diff options
context:
space:
mode:
Diffstat (limited to 'src/bg/ReportingCSP.js')
-rw-r--r--src/bg/ReportingCSP.js39
1 files changed, 33 insertions, 6 deletions
diff --git a/src/bg/ReportingCSP.js b/src/bg/ReportingCSP.js
index f8764e8..03926c2 100644
--- a/src/bg/ReportingCSP.js
+++ b/src/bg/ReportingCSP.js
@@ -1,6 +1,12 @@
"use strict";
-function ReportingCSP(reportURI, reportGroup) {
+function ReportingCSP(reportURI, reportGroup) {
+ const REPORT_TO = {
+ name: "Report-To",
+ value: JSON.stringify({ "url": reportURI,
+ "group": reportGroup,
+ "max-age": 10886400 }),
+ };
return Object.assign(
new CapsCSP(new NetCSP(
`report-uri ${reportURI};`,
@@ -9,11 +15,32 @@ function ReportingCSP(reportURI, reportGroup) {
{
reportURI,
reportGroup,
- reportToHeader: {
- name: "Report-To",
- value: JSON.stringify({ "url": reportURI,
- "group": reportGroup,
- "max-age": 10886400 }),
+ patchHeaders(responseHeaders, capabilities) {
+ let header = null;
+ let hasReportTo = false;
+ for (let h of responseHeaders) {
+ if (this.isMine(h)) {
+ header = h;
+ h.value = this.inject(h.value, "");
+ } else if (h.name === REPORT_TO.name && h.value === REPORT_TO.value) {
+ hasReportTo = true;
+ }
+ }
+
+ let blocker = capabilities && this.buildFromCapabilities(capabilities);
+ if (blocker) {
+ if (!hasReportTo) {
+ responseHeaders.push(REPORT_TO);
+ }
+ if (header) {
+ header.value = this.inject(header.value, blocker);
+ } else {
+ header = this.asHeader(blocker);
+ responseHeaders.push(header);
+ }
+ }
+
+ return header;
}
}
);
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-11 06:16:59 +0000