Post

Replies

Boosts

Views

Activity

Any way to avoid Content Security Policy violations for elements inserted by extensions?
Hi! It seems like in Safari, elements inserted into a page by web extensions (such as and elements) are currently subject to the page's Content Security Policy. If the CSP is strict enough, this prevents these elements from loading. Based on my testing, I've found that this behavior is different in other browsers, where a page's CSP is not applied to elements inserted by an extension. Is this expected behavior in Safari, or might it be considered a bug? Any advice on working around these restrictions, as it currently prevents my extension from working correctly on websites with a strict CSP?
2
0
101
3w
Any way to avoid Content Security Policy violations for elements inserted by extensions?
Hi! It seems like in Safari, elements inserted into a page by web extensions (such as and elements) are currently subject to the page's Content Security Policy. If the CSP is strict enough, this prevents these elements from loading. Based on my testing, I've found that this behavior is different in other browsers, where a page's CSP is not applied to elements inserted by an extension. Is this expected behavior in Safari, or might it be considered a bug? Any advice on working around these restrictions, as it currently prevents my extension from working correctly on websites with a strict CSP?
Replies
2
Boosts
0
Views
101
Activity
3w