summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjahoti <jahoti@tilde.team>2021-07-22 00:00:00 +0000
committerWojtek Kosior <koszko@koszko.org>2021-07-26 11:09:57 +0200
commite402e0363cd55f7f849c20c1acd96de548ebc9a6 (patch)
tree84cd250c2ebc18c0ec27a7af68ce978eb47e0a86
parentfba4820bec6714115ef03bd4bdfd714ba485ac2c (diff)
downloadbrowser-extension-e402e0363cd55f7f849c20c1acd96de548ebc9a6.tar.gz
browser-extension-e402e0363cd55f7f849c20c1acd96de548ebc9a6.zip
Fix some bugs in the refined CSP handling
-rw-r--r--background/policy_injector.js6
-rw-r--r--common/misc.js2
2 files changed, 4 insertions, 4 deletions
diff --git a/background/policy_injector.js b/background/policy_injector.js
index a67b4e3..90c65bd 100644
--- a/background/policy_injector.js
+++ b/background/policy_injector.js
@@ -108,7 +108,7 @@ function headers_inject(details)
delete csp['report-to'];
delete csp['report-uri'];
- if (!target.policy.allow) {
+ if (!targets.policy.allow) {
delete csp['script-src'];
delete csp['script-src-elem'];
csp['script-src-attr'] = ["'none'"];
@@ -118,12 +118,12 @@ function headers_inject(details)
if ('script-src' in csp)
csp['script-src'].push(rule);
else
- csp['script-src'] = rule;
+ csp['script-src'] = [rule];
if ('script-src-elem' in csp)
csp['script-src-elem'].push(rule);
else
- csp['script-src-elem'] = rule;
+ csp['script-src-elem'] = [rule];
/* TODO: is this safe */
let new_policy = Object.entries(csp).map(
diff --git a/common/misc.js b/common/misc.js
index 6af2327..0d8466e 100644
--- a/common/misc.js
+++ b/common/misc.js
@@ -159,7 +159,7 @@ function parse_csp(csp) {
let directive, directive_array;
let directives = {};
for (directive of csp.split(';')) {
- directive = directive.trim;
+ directive = directive.trim();
if (directive === '')
continue;