Skip to content

Commit

Permalink
[injectors > kernel] Fix vencord's theme loader, ugh
Browse files Browse the repository at this point in the history
  • Loading branch information
yellowsink committed Jan 27, 2024
1 parent 19ed890 commit db263ac
Showing 1 changed file with 9 additions and 1 deletion.
10 changes: 9 additions & 1 deletion injectors/kernel/main.js
Original file line number Diff line number Diff line change
Expand Up @@ -25,13 +25,21 @@ Object.defineProperty(session, "defaultSession", {
// this means it's safe to patch CSP now without doing any further waiting

if (!cspIsPatched) {
dsess.webRequest.onHeadersReceived(({ responseHeaders }, done) => {
dsess.webRequest.onHeadersReceived(({ responseHeaders, resourceType }, done) => {
const cspHeaders = Object.keys(responseHeaders).filter(
(name) =>
name.toLowerCase().startsWith("content-security-policy") ||
name.toLowerCase().startsWith("access-control-allow-origin"),
);

// what the hell is wrong with vencord
// oh well we'll just implement their weird choices so as to maintain compatibility because
// the #1 priority of this shelter injection method is vencord compatibility.
if (resourceType === "stylesheet") {
const header = Object.keys(responseHeaders).find((h) => h.toLowerCase() === "content-type") ?? "content-type";
responseHeaders[header] = "text/css";
}

for (const header of cspHeaders) delete responseHeaders[header];

// Allow loading content from sites that don't allow CORS, like raw.githubusercontent.com
Expand Down

0 comments on commit db263ac

Please sign in to comment.