From 6fda8ea58575e52e8957e6b5bfbdcde8b71d0106 Mon Sep 17 00:00:00 2001 From: jahoti Date: Sat, 14 Aug 2021 00:00:00 +0000 Subject: Revert changes to content/main.js to commit 25817b68c* It turns out modifying the CSP headers in meta tags has no effect. --- content/main.js | 27 ++++++++------------------- 1 file changed, 8 insertions(+), 19 deletions(-) diff --git a/content/main.js b/content/main.js index 5edb8a6..9ed557c 100644 --- a/content/main.js +++ b/content/main.js @@ -19,7 +19,6 @@ * IMPORT is_chrome * IMPORT is_mozilla * IMPORT start_activity_info_server - * IMPORT sanitize_csp_header * IMPORTS_END */ @@ -66,17 +65,6 @@ function block_node(node) block_script(node); return; } - - else if (node.tagName === 'META' && - node.getAttribute('http-equiv') === 'content-security-policy') { - - node.content = sanitize_csp_header( - {value: node.content}, - `'nonce-${nonce}'`, - !policy.allow - ).value; - return; - } sanitize_attributes(node); @@ -126,13 +114,14 @@ if (!is_privileged_url(document.URL)) { if (!policy.allow) { block_nodes_recursively(document.documentElement); - /* Now needed on Mozilla as well to sanitize CSP header */ - var observer = new MutationObserver(handle_mutation); - observer.observe(document.documentElement, { - attributes: true, - childList: true, - subtree: true - }); + if (is_chrome) { + var observer = new MutationObserver(handle_mutation); + observer.observe(document.documentElement, { + attributes: true, + childList: true, + subtree: true + }); + } if (is_mozilla) addEventListener('beforescriptexecute', mozilla_suppress_scripts, true); -- cgit v1.2.3