jcs.org
iOS web browser with a focus on security and privacy
URLInterceptor: log CSP header that we just changed, don't find it again
+4
-3
+4
-3
Endless/URLInterceptor.m
+4
-3
Endless/URLInterceptor.m
···
404
404
405
405
/* don't bother rewriting with the header if we don't want a restrictive one (CSPheader) and the site doesn't have one (curCSP) */
406
406
if (CSPheader != nil || curCSP != nil) {
407
-
BOOL foundCSP = false;
407
+
id foundCSP = nil;
408
408
409
409
/* directives and their values (normal and nonced versions) to prepend */
410
410
NSDictionary *wantedDirectives = @{
···
426
426
hv = [URLInterceptor prependDirectivesIfExisting:wantedDirectives inCSPHeader:hv];
427
427
428
428
[mHeaders setObject:hv forKey:h];
429
-
foundCSP = true;
429
+
foundCSP = hv;
430
430
}
431
431
else if ([[h lowercaseString] isEqualToString:@"cache-control"]) {
432
432
/* ignore */
···
438
438
if (!foundCSP && CSPheader) {
439
439
[mHeaders setObject:CSPheader forKey:@"Content-Security-Policy"];
440
440
[mHeaders setObject:CSPheader forKey:@"X-WebKit-CSP"];
441
+
foundCSP = CSPheader;
441
442
}
442
443
443
444
#ifdef TRACE_HOST_SETTINGS
444
-
NSLog(@"[HostSettings] [Tab %@] CSP header is now %@", wvt.tabIndex, [mHeaders objectForKey:@"Content-Security-Policy"]);
445
+
NSLog(@"[HostSettings] [Tab %@] CSP header is now %@", wvt.tabIndex, foundCSP);
445
446
#endif
446
447
}
447
448