[UNTESTED- will test] Use more nuanced CSP filtering - browser-extension - A Web Extension to facilitate replacing sites' js with user-supplied scripts

about summary refs log tree commit diff

path: root/common/misc.js

diff options

author	jahoti <jahoti@tilde.team>	2021-07-21 00:00:00 +0000
committer	Wojtek Kosior <koszko@koszko.org>	2021-07-26 11:09:57 +0200
commit	fba4820bec6714115ef03bd4bdfd714ba485ac2c (patch)
tree	6b3b113cabbdb99280b03b67b00aa88b44150e2d /common/misc.js
parent	57e4ed2b06d15747b20737bad14bcdd2d73fd8a6 (diff)
download	browser-extension-fba4820bec6714115ef03bd4bdfd714ba485ac2c.tar.gz browser-extension-fba4820bec6714115ef03bd4bdfd714ba485ac2c.zip

[UNTESTED- will test] Use more nuanced CSP filtering

CSP headers are now parsed and processed, rather than treated as simple units. This allows us to ensure policies delivered as HTTP headers do not interfere with our script filtering, as well as to preserve useful protections while removing the ones that could be problematic. Additionally, prefetching should now be blocked on pages where native scripts aren't allowed, and all reporting of CSP violations has been stripped (is this appropriate?).

Diffstat (limited to 'common/misc.js')

0 files changed, 0 insertions, 0 deletions