From 702eefd252a112375c2da6a9ae4b39915fc2dbf4 Mon Sep 17 00:00:00 2001
From: Wojtek Kosior <koszko@koszko.org>
Date: Fri, 31 Dec 2021 14:23:28 +0100
Subject: utilize Pattern Tree to decide the policy to use and modify HTTP
 response headers according to that policy

This commit also enhances the build script so that preprocessor conditionals can now use operators '&&' and '||'.
The features being developed are not yet included in the actual Haketilo build.
Some of the new source files contain similar functionality to other ones already existing in the source tree. At some point the latter will be removed.
---
 content/main.js | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'content')

diff --git a/content/main.js b/content/main.js
index 9e98635..d97747f 100644
--- a/content/main.js
+++ b/content/main.js
@@ -46,9 +46,19 @@
 
 #FROM content/page_actions.js IMPORT handle_page_actions
 #FROM common/misc.js          IMPORT gen_nonce, is_privileged_url, \
-                                     make_csp_rule, csp_header_regex
+                                     csp_header_regex
 #FROM common/browser.js       IMPORT browser
 
+/* CSP rule that blocks scripts according to policy's needs. */
+function make_csp_rule(policy)
+{
+    let rule = "prefetch-src 'none'; script-src-attr 'none';";
+    const script_src = policy.nonce !== undefined ?
+         `'nonce-${policy.nonce}'` : "'none'";
+    rule += ` script-src ${script_src}; script-src-elem ${script_src};`;
+    return rule;
+}
+
 document.content_loaded = document.readyState === "complete";
 const wait_loaded = e => e.content_loaded ? Promise.resolve() :
       new Promise(c => e.addEventListener("DOMContentLoaded", c, {once: true}));
-- 
cgit v1.2.3