Merge pull request #21 from joncrangle/csp-override

Allow the user to specify the Content Security Policy for a domain

README.md

@@ -128,6 +128,7 @@ See in [ruleset.yaml](ruleset.yaml) for an example.
     x-forwarded-for: none      # override X-Forwarded-For header or delete with none
     referer: none              # override Referer header or delete with none
     user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
+    content-security-policy: script-src 'self'; # override response header
     cookie: privacy=1
   regexRules:
     - match: <script\s+([^>]*\s+)?src="(/)([^"]*)"

handlers/proxy.go

@@ -33,6 +33,8 @@ func ProxySite(c *fiber.Ctx) error {
 	}
 
 	c.Set("Content-Type", resp.Header.Get("Content-Type"))
+	c.Set("Content-Security-Policy", resp.Header.Get("Content-Security-Policy"))
+
 	return c.SendString(body)
 }
 
@@ -111,6 +113,10 @@ func fetchSite(urlpath string, queries map[string]string) (string, *http.Request
 		return "", nil, nil, err
 	}
 
+	if rule.Headers.CSP != "" {
+		resp.Header.Set("Content-Security-Policy", rule.Headers.CSP)
+	}
+
 	log.Print("rule", rule)
 	body := rewriteHtml(bodyB, u, rule)
 	return body, req, resp, nil

handlers/types.go

@@ -16,6 +16,7 @@ type Rule struct {
 		XForwardedFor string `yaml:"x-forwarded-for,omitempty"`
 		Referer       string `yaml:"referer,omitempty"`
 		Cookie        string `yaml:"cookie,omitempty"`
+		CSP           string `yaml:"content-security-policy,omitempty"`
 	} `yaml:"headers,omitempty"`
 	GoogleCache bool    `yaml:"googleCache,omitempty"`
 	RegexRules  []Regex `yaml:"regexRules"`

ruleset.yaml

@@ -161,4 +161,5 @@
     referer: https://t.co/x?amp=1
     x-forwarded-for: none
     user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
+    content-security-policy: script-src 'self';
     cookie: