Revamp signatures and break header caching on FF - browser-extension - A Web Extension to facilitate replacing sites' js with user-supplied scripts

diff options

author	jahoti <jahoti@tilde.team>	2021-07-17 00:00:00 +0000
committer	jahoti <jahoti@tilde.team>	2021-07-17 00:00:00 +0000
commit	8b823e1a6f29e52effc086d02dfe2e2812b2e187 (patch)
tree	d86f7a69cb5faf00050aa774e3d2b675a41245ad /README.txt
parent	692577bbde5e8110855c022ec913324dfddce9ae (diff)
download	browser-extension-8b823e1a6f29e52effc086d02dfe2e2812b2e187.tar.gz browser-extension-8b823e1a6f29e52effc086d02dfe2e2812b2e187.zip

Revamp signatures and break header caching on FF

Signatures, instead of consisting of the secure salt followed by the unique value generated from the URL, are now the unique value generated from the policy value (which will follow them) succeeded by the URL. CSP headers are now _always_ cleared on FF, regardless of whether the page is whitelisted or not. This means whitelisting takes effect on page reload, rather than only when caching occurs. However, it obviously presents security issues; refinment will occur in a future commit.

Diffstat (limited to 'README.txt')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: