From 1e06bf18c5c33093648071f91d87d94cbbb95b82 Mon Sep 17 00:00:00 2001
From: Pasu Chan Chak Shing <ccspasu@gmail.com>
Date: Tue, 13 Feb 2018 15:26:30 +0800
Subject: [PATCH] If CSP already existed, modify it insteads

---
 chromium/background.js | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/chromium/background.js b/chromium/background.js
index da585b7753ec..77dc2f858b2a 100644
--- a/chromium/background.js
+++ b/chromium/background.js
@@ -503,6 +503,20 @@ function onErrorOccurred(details) {
  */
 function onHeadersReceived(details) {
   if (isExtensionEnabled && httpNowhereOn) {
+    for (const idx in details.responseHeaders) {
+      if (details.responseHeaders[idx].name.match(/Content-Security-Policy/i)) {
+        // Existing CSP headers found
+        const value = details.responseHeaders[idx].value;
+
+        // Prepend if no upgrade-insecure-requests directive exists
+        if (!value.match(/upgrade-insecure-requests/i)) {
+          details.responseHeaders[idx].value = "upgrade-insecure-requests; " + value;
+        }
+        return {responseHeaders: details.responseHeaders};
+      }
+    }
+
+    // CSP headers not found
     const upgradeInsecureRequests = {
       name: 'Content-Security-Policy',
       value: 'upgrade-insecure-requests'