blob: 666f4a19a3db8cb54708411fc8713eec0d3c5142 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
"use strict";
class CSP {
build(...directives) {
return directives.join(';');
}
buildBlocker(...types) {
return this.build(...(types.map(type => `${type.name || type}-src ${type.value || "'none'"}`)));
}
blocks(header, type) {
return `;${header};`.includes(`;${type}-src 'none';`)
}
asHeader(value) {
return {name: CSP.headerName, value};
}
}
CSP.isEmbedType = type => /\b(?:application|video|audio)\b/.test(type) && type !== "application/xhtml+xml";
CSP.headerName = "content-security-policy";
|