Skip to content

Commit a987d3c

Browse files
JustOffJustOff
committed
Workaround for Firefox 77+ processing the CSP header differently
See: https://bugzilla.mozilla.org/show_bug.cgi?id=1462989
1 parent 044cbc0 commit a987d3c

File tree

1 file changed

+24
-8
lines changed

1 file changed

+24
-8
lines changed

quantum/background.js

Lines changed: 24 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -195,8 +195,16 @@ const filterDocument = (function() {
195195
let csp = doc.querySelector(
196196
'meta[http-equiv="Content-Security-Policy" i][content]'
197197
);
198-
if (csp && csp.content) {
198+
if ( csp && csp.content ) {
199199
csp.content = updateCSP(csp.content);
200+
} else if ( filterer.csp !== undefined ) {
201+
let heads = doc.getElementsByTagName('head');
202+
if ( heads && heads[0] ) {
203+
let meta = doc.createElement('meta');
204+
meta.httpEquiv = "Content-Security-Policy";
205+
meta.content = updateCSP(filterer.csp);
206+
heads[0].appendChild(meta);
207+
}
200208
} else {
201209
return streamClose(filterer);
202210
}
@@ -225,7 +233,7 @@ const filterDocument = (function() {
225233
filterers.delete(this);
226234
};
227235

228-
return function(details) {
236+
return function(details, csp) {
229237
// https://github.com/gorhill/uBlock/issues/3478
230238
const statusCode = details.statusCode || 0;
231239
if ( statusCode !== 0 && (statusCode < 200 || statusCode >= 300) ) {
@@ -236,7 +244,8 @@ const filterDocument = (function() {
236244
stream: undefined,
237245
buffer: null,
238246
mime: 'text/html',
239-
charset: undefined
247+
charset: undefined,
248+
csp: undefined
240249
};
241250

242251
const headers = details.responseHeaders;
@@ -254,6 +263,10 @@ const filterDocument = (function() {
254263
// https://bugzilla.mozilla.org/show_bug.cgi?id=1426789
255264
if ( headerValueFromName('content-disposition', headers) ) { return; }
256265

266+
if ( csp !== undefined ) {
267+
request.csp = csp;
268+
}
269+
257270
const stream = request.stream =
258271
browser.webRequest.filterResponseData(details.requestId);
259272
stream.ondata = onStreamData;
@@ -266,12 +279,15 @@ const filterDocument = (function() {
266279
})();
267280

268281
function updateResponse(details) {
269-
filterDocument(details);
270-
details.responseHeaders.forEach(header => {
271-
if (header.name.toLowerCase() == "content-security-policy") {
272-
header.value = updateCSP(header.value);
282+
var csp = undefined;
283+
for (var i = 0; i < details.responseHeaders.length; ++i) {
284+
if (details.responseHeaders[i].name.toLowerCase() == "content-security-policy") {
285+
csp = details.responseHeaders[i].value;
286+
details.responseHeaders.splice(i, 1);
287+
break;
273288
}
274-
});
289+
}
290+
filterDocument(details, csp);
275291
return {responseHeaders: details.responseHeaders};
276292
}
277293

0 commit comments

Comments
 (0)