From 96068ada37bfa1d7e6485551138ba36600664caf Mon Sep 17 00:00:00 2001
From: Wojtek Kosior <koszko@koszko.org>
Date: Sat, 20 Nov 2021 18:29:59 +0100
Subject: replace cookies with synchronous XmlHttpRequest as policy smuggling
 method.

Note: this breaks Mozilla port of Haketilo. Synchronous XmlHttpRequest doesn't work as well there. This will be fixed with dynamically-registered content scripts later.
---
 common/misc.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'common/misc.js')

diff --git a/common/misc.js b/common/misc.js
index 9ffb7ff..5b0addb 100644
--- a/common/misc.js
+++ b/common/misc.js
@@ -49,7 +49,7 @@ function gen_nonce(length=16)
 function make_csp_rule(policy)
 {
     let rule = "prefetch-src 'none'; script-src-attr 'none';";
-    const script_src = policy.has_payload ?
+    const script_src = policy.nonce !== undefined ?
 	  `'nonce-${policy.nonce}'` : "'none'";
     rule += ` script-src ${script_src}; script-src-elem ${script_src};`;
     return rule;
-- 
cgit v1.2.3