From 1cfb3117efbe2f41494155719fec0ce16960790c Mon Sep 17 00:00:00 2001 From: hackademix Date: Sun, 9 Sep 2018 14:58:55 +0200 Subject: Prevent multiple CSP entries to be injected in the DOM on each reload if scripting is disabled. --- src/content/DocumentCSP.js | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'src/content') diff --git a/src/content/DocumentCSP.js b/src/content/DocumentCSP.js index 63f5d1e..7632ce7 100644 --- a/src/content/DocumentCSP.js +++ b/src/content/DocumentCSP.js @@ -26,10 +26,8 @@ class DocumentCSP { try { parent.insertBefore(meta, parent.firstChild); debug(`Failsafe CSP inserted in the DOM: "%s"`, header.value); - if (capabilities.has("script")) { - meta.remove(); - if (!head) parent.remove(); - } + meta.remove(); + if (!head) parent.remove(); } catch (e) { error(e, "Error inserting CSP %s in the DOM", header && header.value); } -- cgit v1.2.3