From 10ae9aee7920b996f224b8f956cdc7364084d632 Mon Sep 17 00:00:00 2001
From: Martin Zmitko <martin@zmitko.cz>
Date: Jul 04 2023 13:06:53 +0000
Subject: Fix incorrect CSP script-src handling


Replace script-src only with following whitespace, script-src-elem and
similiar got broken when replacing regardless of whitespace.

---

diff --git a/common/background.js b/common/background.js
index 7c47f5b..58b8293 100644
--- a/common/background.js
+++ b/common/background.js
@@ -51,6 +51,7 @@ function tabUpdate(tabid, changeInfo) {
 // on tab reload or tab change, update metadata
 browser.tabs.onUpdated.addListener(tabUpdate);     // reload tab
 
+const scriptSrcRegex = /script-src\s/;
 // Modify CSP headers to allow WASM execution in page context
 function cspRequestProcessor(details) {
 	// Because this handler fires before configuration for the page is created,
@@ -81,7 +82,7 @@ function cspRequestProcessor(details) {
 			continue;
 		}
 		let origCSP = header.value;
-		header.value = header.value.replace("script-src", "script-src 'wasm-unsafe-eval'");
+		header.value = header.value.replace(scriptSrcRegex, "script-src 'wasm-unsafe-eval' ");
 		if (origCSP !== header.value) {
 			modified = true;
 		}