aboutsummaryrefslogtreecommitdiff
path: root/src/hydrilla
diff options
context:
space:
mode:
authorWojtek Kosior <koszko@koszko.org>2022-10-28 21:27:46 +0200
committerWojtek Kosior <koszko@koszko.org>2022-10-28 21:27:46 +0200
commitff43da19c58c9524ff89e0b0dce62d889d5e21a2 (patch)
treece2c423b8ca44330a5aafb99f248ce7bb9742780 /src/hydrilla
parentf0468bdf86c1311811fda0a0c340296e62b8f64b (diff)
downloadhaketilo-hydrilla-ff43da19c58c9524ff89e0b0dce62d889d5e21a2.tar.gz
haketilo-hydrilla-ff43da19c58c9524ff89e0b0dce62d889d5e21a2.zip
[proxy] prevent our injected script-src-elem directive from blocking popup script
Diffstat (limited to 'src/hydrilla')
-rw-r--r--src/hydrilla/proxy/policies/base.py7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/hydrilla/proxy/policies/base.py b/src/hydrilla/proxy/policies/base.py
index 1626b5c..95021cd 100644
--- a/src/hydrilla/proxy/policies/base.py
+++ b/src/hydrilla/proxy/policies/base.py
@@ -177,7 +177,12 @@ class Policy(ABC):
if (self.current_popup_settings.popup_enabled and
http_info.is_likely_a_page):
nonce_source = f"'nonce-{response_nonce()}'"
- directives = ('script-src', 'style-src', 'frame-src')
+ directives = (
+ 'script-src',
+ 'script-src-elem',
+ 'style-src',
+ 'frame-src'
+ )
return dict((directive, [nonce_source]) for directive in directives)
else:
return Map()