diff options
Diffstat (limited to 'src/assets/javascripts')
| -rw-r--r-- | src/assets/javascripts/services.js | 50 |
1 files changed, 24 insertions, 26 deletions
diff --git a/src/assets/javascripts/services.js b/src/assets/javascripts/services.js index 7569e9ec..0490f956 100644 --- a/src/assets/javascripts/services.js +++ b/src/assets/javascripts/services.js @@ -794,38 +794,36 @@ function processUpdate() { // For websites that have a strict policy that would not normally allow these frontends to be embedded within the website. function modifyContentSecurityPolicy(details) { let isChanged = false - if (details.type == "main_frame") { - for (const header in details.responseHeaders) { - if (details.responseHeaders[header].name == "content-security-policy") { - let instancesList = [] - for (const service in config.services) { - if (config.services[service].embeddable) { - for (const frontend in config.services[service].frontends) { - if (config.services[service].frontends[frontend].embeddable) { - for (const network in config.networks) { - instancesList.push(...options[frontend]) - } + if (details.type != "main_frame") return + + for (const header in details.responseHeaders) { + if (details.responseHeaders[header].name == "content-security-policy") { + let instancesList = [] + for (const service in config.services) { + if (config.services[service].embeddable) { + for (const frontend in config.services[service].frontends) { + if (config.services[service].frontends[frontend].embeddable) { + for (const network in config.networks) { + instancesList.push(...options[frontend]) } } } } - let securityPolicyList = details.responseHeaders[header].value.split(";") - for (const i in securityPolicyList) securityPolicyList[i] = securityPolicyList[i].trim() - let newSecurity = "" - for (const item of securityPolicyList) { - if (item.trim() == "") continue - let regex = item.match(/([a-z-]{0,}) (.*)/) - if (regex == null) continue - let [, key, vals] = regex - if (key == "frame-src") vals = vals + " " + instancesList.join(" ") - newSecurity += key + " " + vals + "; " - } - - details.responseHeaders[header].value = newSecurity - isChanged = true } + let securityPolicyList = details.responseHeaders[header].value.split(";") + for (const i in securityPolicyList) securityPolicyList[i] = securityPolicyList[i].trim() + let newSecurity = "" + for (const item of securityPolicyList) { + if (item.trim() == "") continue + let regex = item.match(/([a-z-]{0,}) (.*)/) + if (regex == null) continue + let [, key, vals] = regex + if (key == "frame-src") vals = vals + " " + instancesList.join(" ") + newSecurity += key + " " + vals + "; " + } + details.responseHeaders[header].value = newSecurity + return { details } } - if (isChanged) return { responseHeaders: details.responseHeaders } } } |