diff options
Diffstat (limited to 'background')
-rw-r--r-- | background/policy_injector.js | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/background/policy_injector.js b/background/policy_injector.js index f05a422..4f70aac 100644 --- a/background/policy_injector.js +++ b/background/policy_injector.js @@ -14,6 +14,7 @@ * IMPORT gen_unique * IMPORT url_item * IMPORT get_query_best + * IMPORT csp_rule * IMPORTS_END */ @@ -40,16 +41,12 @@ function inject(details) if (settings !== undefined && settings.allow) return {cancel : false}; - let nonce = gen_unique(url).substring(1); + let nonce = gen_unique(url); let headers = details.responseHeaders.filter(is_noncsp_header); - let rule = `script-src 'nonce-${nonce}';`; - if (is_chrome) - rule += `script-src-elem 'nonce-${nonce}';`; - headers.push({ name : "content-security-policy", - value : rule + value : csp_rule(nonce) }); return {responseHeaders: headers}; |