diff options
author | Wojtek Kosior <koszko@koszko.org> | 2022-10-28 21:27:46 +0200 |
---|---|---|
committer | Wojtek Kosior <koszko@koszko.org> | 2022-10-28 21:27:46 +0200 |
commit | ff43da19c58c9524ff89e0b0dce62d889d5e21a2 (patch) | |
tree | ce2c423b8ca44330a5aafb99f248ce7bb9742780 /src/hydrilla | |
parent | f0468bdf86c1311811fda0a0c340296e62b8f64b (diff) | |
download | haketilo-hydrilla-ff43da19c58c9524ff89e0b0dce62d889d5e21a2.tar.gz haketilo-hydrilla-ff43da19c58c9524ff89e0b0dce62d889d5e21a2.zip |
[proxy] prevent our injected script-src-elem directive from blocking popup script
Diffstat (limited to 'src/hydrilla')
-rw-r--r-- | src/hydrilla/proxy/policies/base.py | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/hydrilla/proxy/policies/base.py b/src/hydrilla/proxy/policies/base.py index 1626b5c..95021cd 100644 --- a/src/hydrilla/proxy/policies/base.py +++ b/src/hydrilla/proxy/policies/base.py @@ -177,7 +177,12 @@ class Policy(ABC): if (self.current_popup_settings.popup_enabled and http_info.is_likely_a_page): nonce_source = f"'nonce-{response_nonce()}'" - directives = ('script-src', 'style-src', 'frame-src') + directives = ( + 'script-src', + 'script-src-elem', + 'style-src', + 'frame-src' + ) return dict((directive, [nonce_source]) for directive in directives) else: return Map() |