From 46a87a649bf814471f02c4583f43d4f304efa432 Mon Sep 17 00:00:00 2001
From: gorhill <rhill@raymondhill.net>
Date: Thu, 18 Aug 2016 11:54:38 -0400
Subject: [PATCH] fix #1909

---
 src/js/traffic.js | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/js/traffic.js b/src/js/traffic.js
index 4d6fb1f0a..9e9a44b22 100644
--- a/src/js/traffic.js
+++ b/src/js/traffic.js
@@ -611,7 +611,13 @@ var foilInlineScripts = function(headers) {
     //   Since we are modifying an existing CSP header, we need to strip out
     //   'report-uri' if it is present, to prevent spurious reporting of CSP
     //   violation, and thus the leakage of information to the remote site.
-    csp = csp.replace(reScriptsrc, '') + scriptsrc.replace(reUnsafeinline, '');
+    csp = csp.replace(reScriptsrc, '').trim();
+    // https://github.com/gorhill/uBlock/issues/1909
+    //   Add missing `;` if needed.
+    if ( csp !== '' && csp.slice(-1) !== ';' ) {
+        csp += '; ';
+    }
+    csp += scriptsrc.replace(reUnsafeinline, '').trim();
     headers.push({
         'name': 'Content-Security-Policy',
         'value': csp.replace(reReporturi, '')