From 7bee2ba27d72a84b8dd775a8b2bc1f72aba0c9ce Mon Sep 17 00:00:00 2001
From: Caleb James DeLisle <cjd@cjdns.fr>
Date: Thu, 15 Jun 2017 14:45:01 +0200
Subject: [PATCH] Add a semicolon at the end of the CSP if none exists.

---
 server.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/server.js b/server.js
index ec89ef2af..0db55f8d0 100644
--- a/server.js
+++ b/server.js
@@ -34,6 +34,7 @@ var setHeaders = (function () {
     const headers = clone(config.httpHeaders);
     if (config.contentSecurity) {
         headers['Content-Security-Policy'] = clone(config.contentSecurity);
+        if (!/;$/.test(headers['Content-Security-Policy'])) { headers['Content-Security-Policy'] += ';' }
         if (headers['Content-Security-Policy'].indexOf('frame-ancestors') === -1) {
             // backward compat for those who do not merge the new version of the config
             // when updating. This prevents endless spinner if someone clicks donate.