File tree Expand file tree Collapse file tree 1 file changed +9
-7
lines changed
Expand file tree Collapse file tree 1 file changed +9
-7
lines changed Original file line number Diff line number Diff line change @@ -30,21 +30,23 @@ module.exports = function (options) {
3030
3131 return function csp ( req , res , next ) {
3232 if ( styleNonce ) {
33- if ( value . match ( / s t y l e - s r c ' n o n c e - .{ 48 } ' / ) ) {
34- value = value . replace ( value . match ( / ' s t y l e - s r c n o n c e - .{ 48 } ' / ) , 'style-src \'nonce-' + res . locals . nonce + '\'' ) ;
35- }
33+ var styleMatch = value . match ( / s t y l e - s r c ' n o n c e - .{ 48 } ' / ) ;
34+ if ( styleMatch ) {
35+ value = value . replace ( styleMatch [ 0 ] , 'style-src \'nonce-' + res . locals . nonce + '\'' ) ;
36+ }
3637 else {
3738 value = value . replace ( 'style-src' , 'style-src \'nonce-' + res . locals . nonce + '\'' ) ;
3839 }
39- }
40+ }
4041 if ( scriptNonce ) {
41- if ( value . match ( / s c r i p t - s r c ' n o n c e - .{ 48 } ' / ) ) {
42- value = value . replace ( value . match ( / s c r i p t - s r c ' n o n c e - .{ 48 } ' / ) [ 0 ] , 'script-src \'nonce-' + res . locals . nonce + '\'' ) ;
42+ var scriptMatch = value . match ( / s c r i p t - s r c ' n o n c e - .{ 48 } ' / ) ;
43+ if ( scriptMatch ) {
44+ value = value . replace ( scriptMatch [ 0 ] , 'script-src \'nonce-' + res . locals . nonce + '\'' ) ;
4345 }
4446 else {
4547 value = value . replace ( 'script-src' , 'script-src \'nonce-' + res . locals . nonce + '\'' ) ;
4648 }
47- }
49+ }
4850 res . header ( name , value ) ;
4951 next ( ) ;
5052 } ;
You can’t perform that action at this time.
0 commit comments