[UNTESTED- will test] Use more nuanced CSP filtering - browser-extension - A Web Extension to facilitate replacing sites' js with user-supplied scripts

about summary refs log tree commit diff

path: root/common/stored_types.js

diff options

author	jahoti <jahoti@tilde.team>	2021-07-21 00:00:00 +0000
committer	jahoti <jahoti@tilde.team>	2021-07-21 00:00:00 +0000
commit	57b80d7244eeec3dcdb1bdfd0dc905657c5e8b86 (patch)
tree	bfe6f3c5824c80439137d0aef4d8c31d5855371e /common/stored_types.js
parent	efce4e9807889e9269534b19c8e0cbb4df527ecd (diff)
download	browser-extension-57b80d7244eeec3dcdb1bdfd0dc905657c5e8b86.tar.gz browser-extension-57b80d7244eeec3dcdb1bdfd0dc905657c5e8b86.zip

[UNTESTED- will test] Use more nuanced CSP filtering

CSP headers are now parsed and processed, rather than treated as simple units. This allows us to ensure policies delivered as HTTP headers do not interfere with our script filtering, as well as to preserve useful protections while removing the ones that could be problematic. Additionally, prefetching should now be blocked on pages where native scripts aren't allowed, and all reporting of CSP violations has been stripped (is this appropriate?).

Diffstat (limited to 'common/stored_types.js')

0 files changed, 0 insertions, 0 deletions