[Webkit-unassigned] [Bug 149000] Some extensions triggers CSP violation reports
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Aug 30 03:11:47 PDT 2018
https://bugs.webkit.org/show_bug.cgi?id=149000
Alexander Ljungberg <aljungberg at wireload.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |aljungberg at wireload.net
--- Comment #4 from Alexander Ljungberg <aljungberg at wireload.net> ---
I'm also affected by this issue. I wrote a script to add some keyboard shortcuts to Phabricator and I inject it using Tampermonkey. Phabricator added a CSP header and it stops my extension from even loading.
In my opinion, the best solution would be to allow extensions to do what they want (that's the purpose of extensions after all).
The second best solution would be able to turn off CSP on a per site basis, say in Preferences.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20180830/7287280e/attachment-0001.html>
More information about the webkit-unassigned
mailing list