From c90f4933df193f90624dff6a7da75c4c6f88ef49 Mon Sep 17 00:00:00 2001
From: Raymond Hill <rhill@raymondhill.net>
Date: Wed, 10 Jul 2024 11:41:55 -0400
Subject: [PATCH] Fix CSP/PP header injection in non-document resources

Related feedback:
https://github.com/uBlockOrigin/uBlock-issues/issues/229#issuecomment-2220354261
https://old.reddit.com/r/uBlockOrigin/comments/1dz6du7/

Regression from:
https://github.com/gorhill/uBlock/commit/7c3e060c01
---
 src/js/traffic.js | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/src/js/traffic.js b/src/js/traffic.js
index f8e98b898..4777a8470 100644
--- a/src/js/traffic.js
+++ b/src/js/traffic.js
@@ -553,11 +553,16 @@ const onHeadersReceived = function(details) {
     if ( httpheaderFilteringEngine.apply(fctxt, responseHeaders) === true ) {
         modifiedHeaders = true;
     }
-    if ( injectCSP(fctxt, pageStore, responseHeaders) === true ) {
-        modifiedHeaders = true;
-    }
-    if ( injectPP(fctxt, pageStore, responseHeaders) === true ) {
-        modifiedHeaders = true;
+
+    // https://github.com/uBlockOrigin/uBlock-issues/issues/229#issuecomment-2220354261
+    // Inject CSP/PP in document resource only
+    if ( fctxt.isDocument() ) {
+        if ( injectCSP(fctxt, pageStore, responseHeaders) === true ) {
+            modifiedHeaders = true;
+        }
+        if ( injectPP(fctxt, pageStore, responseHeaders) === true ) {
+            modifiedHeaders = true;
+        }
     }
 
     // https://bugzilla.mozilla.org/show_bug.cgi?id=1376932
@@ -945,10 +950,6 @@ const bodyFilterer = (( ) => {
 /******************************************************************************/
 
 const injectCSP = function(fctxt, pageStore, responseHeaders) {
-    // https://github.com/uBlockOrigin/uBlock-issues/issues/229#issuecomment-2220354261
-    // Inject CSP in document resource only
-    if ( fctxt.isDocument() === false ) { return; }
-
     const cspSubsets = [];
     const requestType = fctxt.type;