const filts = {
    urls: ["https://desuarchive.org/*",
        "https://arch.b4k.co/*",
        "https://kohlchan.net/*"
    ],
    types: ["main_frame", "sub_frame", "csp_report", "object", "other", "ping"]
};

chrome.webRequest.onHeadersReceived.addListener(details => {
    const nuke = ['https://arch.b4k.co/', 'https://kohlchan.net/'];
    if (nuke.some(u => details.url.startsWith(u)) && details.type == "main_frame") {
        const e = details.responseHeaders.findIndex(e => e.name.toLowerCase() == "content-security-policy");
        if (e >= 0)
            details.responseHeaders[e].value = "";
        return {
            responseHeaders: [
                ...details.responseHeaders,
                { name: 'access-control-allow-origin', value: '*' }
            ]
        };
    }
}, filts, ['blocking', 'responseHeaders']);