diff --git a/system/Honeypot/Honeypot.php b/system/Honeypot/Honeypot.php
index c2f3cf67cc7b..82da90020cac 100644
--- a/system/Honeypot/Honeypot.php
+++ b/system/Honeypot/Honeypot.php
@@ -89,16 +89,16 @@ public function attachHoneypot(ResponseInterface $response)
$prepField = $this->prepareTemplate($this->config->template);
- $body = $response->getBody();
- $body = str_ireplace('', $prepField . '', $body);
+ $bodyBefore = $response->getBody();
+ $bodyAfter = str_ireplace('', $prepField . '', $bodyBefore);
- if ($response->getCSP()->enabled()) {
+ if ($response->getCSP()->enabled() && ($bodyBefore !== $bodyAfter)) {
// Add style tag for the container tag in the head tag.
- $style = '';
- $body = str_ireplace('', $style . '', $body);
+ $style = '';
+ $bodyAfter = str_ireplace('', $style . '', $bodyAfter);
}
- $response->setBody($body);
+ $response->setBody($bodyAfter);
}
/**
diff --git a/tests/system/Honeypot/HoneypotTest.php b/tests/system/Honeypot/HoneypotTest.php
index 65b27e3e07d6..f3b4a659934f 100644
--- a/tests/system/Honeypot/HoneypotTest.php
+++ b/tests/system/Honeypot/HoneypotTest.php
@@ -100,6 +100,24 @@ public function testAttachHoneypotAndContainerWithCSP(): void
$this->assertMatchesRegularExpression($regex, $this->response->getBody());
}
+ public function testNotAttachHoneypotWithCSP(): void
+ {
+ $this->resetServices();
+
+ $config = new App();
+ $config->CSPEnabled = true;
+ Factories::injectMock('config', 'App', $config);
+ $this->response = Services::response($config, false);
+
+ $this->config = new HoneypotConfig();
+ $this->honeypot = new Honeypot($this->config);
+
+ $this->response->setBody('');
+ $this->honeypot->attachHoneypot($this->response);
+
+ $this->assertSame('', $this->response->getBody());
+ }
+
public function testHasntContent(): void
{
unset($_POST[$this->config->name]);