From 5d92d1b9745e465dabce2b0eac2f4a126eb7a36b Mon Sep 17 00:00:00 2001
From: hackademix <giorgio@maone.net>
Date: Tue, 28 Jul 2020 23:45:10 +0200
Subject: [PATCH] Anticipate onScriptDisabled surrogates to first script-src
 'none' CSP violation.

---
 src/content/content.js          | 8 +++++---
 src/content/onScriptDisabled.js | 5 +++++
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/content/content.js b/src/content/content.js
index 95ba7aa..62d3cf9 100644
--- a/src/content/content.js
+++ b/src/content/content.js
@@ -87,7 +87,10 @@ window.addEventListener("pageshow", notifyPage);
 let violations = new Set();
 window.addEventListener("securitypolicyviolation", e => {
   if (!e.isTrusted) return;
-  let type = e.violatedDirective.split("-", 1)[0]; // e.g. script-src 'none' => script
+  let {violatedDirective} = e;
+  if (violatedDirective === `script-src 'none'`) onScriptDisabled();
+
+  let type = violatedDirective.split("-", 1)[0]; // e.g. script-src 'none' => script
   let url = e.blockedURI;
   if (!(url && url.includes(":"))) {
     url = document.URL;
@@ -120,8 +123,7 @@ ns.on("capabilities", () => {
       })();
     }
 
-    if (document.readyState !== "loading") onScriptDisabled();
-    window.addEventListener("DOMContentLoaded", onScriptDisabled);
+    onScriptDisabled();
   }
 
   notifyPage();
diff --git a/src/content/onScriptDisabled.js b/src/content/onScriptDisabled.js
index fbd2cc3..4727eb2 100644
--- a/src/content/onScriptDisabled.js
+++ b/src/content/onScriptDisabled.js
@@ -1,4 +1,9 @@
 function onScriptDisabled() {
+  if (document.readyState === "loading") {
+    window.addEventListener("DOMContentLoaded", e => onScriptDisabled());
+    return;
+  }
+  onScriptDisabled = () => {};
   let refresh = false;
   for (let noscript of document.querySelectorAll("noscript")) {
     // force show NOSCRIPT elements content