From ff43da19c58c9524ff89e0b0dce62d889d5e21a2 Mon Sep 17 00:00:00 2001 From: Wojtek Kosior Date: Fri, 28 Oct 2022 21:27:46 +0200 Subject: [proxy] prevent our injected script-src-elem directive from blocking popup script --- src/hydrilla/proxy/policies/base.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/hydrilla/proxy/policies/base.py b/src/hydrilla/proxy/policies/base.py index 1626b5c..95021cd 100644 --- a/src/hydrilla/proxy/policies/base.py +++ b/src/hydrilla/proxy/policies/base.py @@ -177,7 +177,12 @@ class Policy(ABC): if (self.current_popup_settings.popup_enabled and http_info.is_likely_a_page): nonce_source = f"'nonce-{response_nonce()}'" - directives = ('script-src', 'style-src', 'frame-src') + directives = ( + 'script-src', + 'script-src-elem', + 'style-src', + 'frame-src' + ) return dict((directive, [nonce_source]) for directive in directives) else: return Map() -- cgit v1.2.3