From be41f13ef3353dbe8869467d6bd94474edc1dad5 Mon Sep 17 00:00:00 2001
From: tophf <tophf@gmx.com>
Date: Sun, 15 Nov 2020 00:50:08 +0300
Subject: [PATCH] styleViaXhr: allow cookies for sandbox CSP

---
 background/style-via-xhr.js | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/background/style-via-xhr.js b/background/style-via-xhr.js
index a5669be1..74498c3d 100644
--- a/background/style-via-xhr.js
+++ b/background/style-via-xhr.js
@@ -78,6 +78,13 @@ CHROME && (async () => {
         name: 'Set-Cookie',
         value: `${chrome.runtime.id}=${prefs.get('disableAll') ? 1 : 0}${blobId}`,
       });
+      // allow cookies for sandbox CSP (known case: raw github urls)
+      for (const h of responseHeaders) {
+        if (h.name.toLowerCase() === 'content-security-policy' && h.value.includes('sandbox')) {
+          h.value = h.value.replace(/((^|;)\s*sandbox)(\s+[^;]+)?\s*(?=;|$)/, '$1 allow-same-origin');
+          break;
+        }
+      }
       return {responseHeaders};
     }
   }