open.source/stylus
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fixup! styleViaXhr: allow cookies for sandbox CSP

Browse Source
This commit is contained in:
tophf 2020-11-15 01:07:05 +03:00
parent be41f13ef3
commit 89ec4f352a
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
background/style-via-xhr.js
View File

@ -78,10 +78,11 @@ CHROME && (async () => {
name: 'Set-Cookie',
value: `${chrome.runtime.id}=${prefs.get('disableAll') ? 1 : 0}${blobId}`,
});
// allow cookies for sandbox CSP (known case: raw github urls)
// allow cookies or strip sandbox from CSP (known case: raw github urls)
for (const h of responseHeaders) {
if (h.name.toLowerCase() === 'content-security-policy' && h.value.includes('sandbox')) {
h.value = h.value.replace(/((^|;)\s*sandbox)(\s+[^;]+)?\s*(?=;|$)/, '$1 allow-same-origin');
h.value = h.value.replace(/((?:^|;)\s*sandbox)(\s+[^;]+)?\s*(?=;|$)/,
(_, a, b) => !b || b === 'allow-same-origin' ? `${a} allow-same-origin` : '');
break;
}
}