From ff43da19c58c9524ff89e0b0dce62d889d5e21a2 Mon Sep 17 00:00:00 2001
From: Wojtek Kosior <koszko@koszko.org>
Date: Fri, 28 Oct 2022 21:27:46 +0200
Subject: [proxy] prevent our injected script-src-elem directive from blocking
 popup script

---
 src/hydrilla/proxy/policies/base.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/hydrilla/proxy/policies/base.py b/src/hydrilla/proxy/policies/base.py
index 1626b5c..95021cd 100644
--- a/src/hydrilla/proxy/policies/base.py
+++ b/src/hydrilla/proxy/policies/base.py
@@ -177,7 +177,12 @@ class Policy(ABC):
         if (self.current_popup_settings.popup_enabled and
             http_info.is_likely_a_page):
             nonce_source = f"'nonce-{response_nonce()}'"
-            directives = ('script-src', 'style-src', 'frame-src')
+            directives = (
+                'script-src',
+                'script-src-elem',
+                'style-src',
+                'frame-src'
+            )
             return dict((directive, [nonce_source]) for directive in directives)
         else:
             return Map()
-- 
cgit v1.2.3