summaryrefslogtreecommitdiff
path: root/src/content/DocumentCSP.js
diff options
context:
space:
mode:
Diffstat (limited to 'src/content/DocumentCSP.js')
-rw-r--r--src/content/DocumentCSP.js7
1 files changed, 5 insertions, 2 deletions
diff --git a/src/content/DocumentCSP.js b/src/content/DocumentCSP.js
index 228b2a2..371e547 100644
--- a/src/content/DocumentCSP.js
+++ b/src/content/DocumentCSP.js
@@ -6,9 +6,9 @@ class DocumentCSP {
this.builder = new CapsCSP();
}
- apply(capabilities) {
+ apply(capabilities, embedding = CSP.isEmbedType(this.document.contentType)) {
let csp = this.builder;
- let blocker = csp.buildFromCapabilities(capabilities);
+ let blocker = csp.buildFromCapabilities(capabilities, embedding);
if (!blocker) return;
let document = this.document;
@@ -19,8 +19,11 @@ class DocumentCSP {
let parent = document.head || document.documentElement;
try {
parent.insertBefore(meta, parent.firstChild);
+ debug(`Failsafe <meta> CSP inserted in the DOM: "%s"`, header.value);
+ if (capabilities.has("script")) meta.remove();
} catch (e) {
error(e, "Error inserting CSP %s in the DOM", header && header.value);
}
}
+
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-11 02:23:55 +0000