From f95f7b809d994f4b581ea71885addbfa177b49fb Mon Sep 17 00:00:00 2001
From: hackademix
Date: Tue, 4 Sep 2018 22:43:00 +0200
Subject: Ensure we remove the HEAD element parent of our META CSP policy only
 if we created it.

---
 src/content/DocumentCSP.js | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'src/content')

diff --git a/src/content/DocumentCSP.js b/src/content/DocumentCSP.js
index 7fd666c..63f5d1e 100644
--- a/src/content/DocumentCSP.js
+++ b/src/content/DocumentCSP.js
@@ -19,7 +19,8 @@ class DocumentCSP {
     let meta = createHTMLElement("meta");
     meta.setAttribute("http-equiv", header.name);
     meta.setAttribute("content", header.value);
-    let parent = document.head ||
+    let {head} = document;
+    let parent = head ||
       document.documentElement.appendChild(createHTMLElement("head"));
 
     try {
@@ -27,7 +28,7 @@ class DocumentCSP {
       debug(`Failsafe <meta> CSP inserted in the DOM: "%s"`, header.value);
       if (capabilities.has("script")) {
         meta.remove();
-        if (!parent.firstChild) parent.remove();
+        if (!head) parent.remove();
       }
     } catch (e) {
       error(e, "Error inserting CSP %s in the DOM", header && header.value);
-- 
cgit v1.2.3