Add hosts that serve emotes to the content security policy
This commit is contained in:
parent
cd77d659a5
commit
e169206821
|
@ -10,8 +10,9 @@
|
||||||
|
|
||||||
import path from 'path';
|
import path from 'path';
|
||||||
import sass from 'node-sass';
|
import sass from 'node-sass';
|
||||||
import { BrowserWindow, dialog } from 'electron';
|
import { BrowserWindow, dialog, session } from 'electron';
|
||||||
import deepmerge from 'deepmerge';
|
import deepmerge from 'deepmerge';
|
||||||
|
import ContentSecurityPolicy from 'csp-parse';
|
||||||
|
|
||||||
import { FileUtils, BDIpc, Config, WindowUtils, CSSEditor, Database } from './modules';
|
import { FileUtils, BDIpc, Config, WindowUtils, CSSEditor, Database } from './modules';
|
||||||
|
|
||||||
|
@ -239,6 +240,29 @@ export class BetterDiscord {
|
||||||
browser_window_module.exports = PatchedBrowserWindow;
|
browser_window_module.exports = PatchedBrowserWindow;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Attaches an event handler for HTTP requests to update the Content Security Policy.
|
||||||
|
*/
|
||||||
|
static hookSessionRequest() {
|
||||||
|
session.defaultSession.webRequest.onHeadersReceived((details, callback) => {
|
||||||
|
for (let [header, values] of Object.entries(details.responseHeaders)) {
|
||||||
|
if (!header.match(/^Content-Security-Policy(-Report-Only)?$/i)) continue;
|
||||||
|
|
||||||
|
details.responseHeaders[header] = values.map(value => {
|
||||||
|
const policy = new ContentSecurityPolicy(value);
|
||||||
|
|
||||||
|
// Add hosts that serve emotes (https://static-cdn.jtvnw.net is already in the CSP)
|
||||||
|
policy.set('img-src', `${policy.get('img-src') || policy.get('default-src')} https://cdn.betterttv.net https://cdn.frankerfacez.com`);
|
||||||
|
|
||||||
|
return policy.toString();
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
callback({ responseHeaders: details.responseHeaders });
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
BetterDiscord.patchBrowserWindow();
|
BetterDiscord.patchBrowserWindow();
|
||||||
|
BetterDiscord.hookSessionRequest();
|
||||||
|
|
|
@ -2744,6 +2744,9 @@
|
||||||
"randomfill": "1.0.4"
|
"randomfill": "1.0.4"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"csp-parse": {
|
||||||
|
"version": "github:macropodhq/csp-parse#db7d5f954b420b527d7fb452a93bb6e2fa302c5a"
|
||||||
|
},
|
||||||
"css-color-names": {
|
"css-color-names": {
|
||||||
"version": "0.0.4",
|
"version": "0.0.4",
|
||||||
"resolved": "https://registry.npmjs.org/css-color-names/-/css-color-names-0.0.4.tgz",
|
"resolved": "https://registry.npmjs.org/css-color-names/-/css-color-names-0.0.4.tgz",
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
"version": "2.0.0a",
|
"version": "2.0.0a",
|
||||||
"homepage": "https://betterdiscord.net",
|
"homepage": "https://betterdiscord.net",
|
||||||
"license": "MIT",
|
"license": "MIT",
|
||||||
"main": "./core/index.js",
|
"main": "core/dist/main.js",
|
||||||
"contributors": [
|
"contributors": [
|
||||||
"Jiiks",
|
"Jiiks",
|
||||||
"Pohky"
|
"Pohky"
|
||||||
|
@ -16,6 +16,7 @@
|
||||||
},
|
},
|
||||||
"private": false,
|
"private": false,
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
|
"csp-parse": "github:macropodhq/csp-parse",
|
||||||
"deepmerge": "^2.1.1",
|
"deepmerge": "^2.1.1",
|
||||||
"nedb": "^1.8.0",
|
"nedb": "^1.8.0",
|
||||||
"node-sass": "^4.9.0"
|
"node-sass": "^4.9.0"
|
||||||
|
|
Loading…
Reference in New Issue