apollographql / apollo-client-devtools

Apollo Client browser developer tools.
https://apollographql.com/docs/react/development-testing/developer-tooling/#apollo-client-devtools
MIT License
1.49k stars 164 forks

Extension in a default-src 'self' CSP environment causes page load to fail #1519

Open robinwhittleton opened 3 days ago

robinwhittleton commented 3 days ago

Intended outcome:

Load a page with a CSP of default-src 'self'; (in this case https://standardebooks.org/). The page is expected to load and render regardless of the CSP settings.

Actual outcome:

Blank screen, and CSP errors in the console. This was originally reported at https://github.com/standardebooks/web/issues/397.

How to reproduce the issue:

Visit https://standardebooks.org/, observe blank page, observe errors in the console.

Desktop (please complete the following information):

phryneas commented 2 days ago

That is curious - a CSP blocking JS execution should to my knowledge just not execute that JS (and issue a warning) - but never crash the whole page.

I'll investigate.
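
Added example (not part of the thread, and not code from Apollo Client Devtools): a simplified sketch of how the reported policy, `default-src 'self'`, ends up governing `<script>` elements through the CSP fallback chain. The function names and the `cdn.example` URL are constructed; nonces, hashes, wildcards, paths and scheme-less host sources are not handled.

```javascript
// Added example: simplified CSP check for <script> elements (illustrative names).
function parsePolicy(header) {
  const directives = new Map();
  for (const part of header.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/).filter(Boolean);
    // The first occurrence of a directive wins; later duplicates are ignored.
    if (name && !directives.has(name.toLowerCase())) {
      directives.set(name.toLowerCase(), sources);
    }
  }
  return directives;
}

// Fallback chain for script elements: script-src-elem, script-src, default-src.
function effectiveScriptSources(directives) {
  for (const name of ['script-src-elem', 'script-src', 'default-src']) {
    if (directives.has(name)) return { name, sources: directives.get(name) };
  }
  return null; // no governing directive: scripts are not restricted
}

function scriptAllowed(header, pageOrigin, script) {
  const governing = effectiveScriptSources(parsePolicy(header));
  if (governing === null) return true;
  const sources = governing.sources.map((s) => s.toLowerCase());
  // Inline scripts need 'unsafe-inline' (nonces and hashes are out of scope here).
  if (script.inline) return sources.includes("'unsafe-inline'");
  const url = new URL(script.src, pageOrigin);
  return sources.some((s) => {
    if (s === "'self'") return url.origin === pageOrigin;
    if (s.endsWith(':')) return url.protocol === s; // scheme-source, e.g. https:
    if (s.startsWith("'")) return false;            // 'none' and other keywords
    return url.origin === s;                        // exact origin only
  });
}

// Policy and origin from the report; the script descriptions are constructed.
const policy = "default-src 'self';";
const origin = 'https://standardebooks.org';
console.log(effectiveScriptSources(parsePolicy(policy)).name);             // default-src
console.log(scriptAllowed(policy, origin, { inline: true }));              // false
console.log(scriptAllowed(policy, origin, { src: '/scripts/app.js' }));    // true
console.log(scriptAllowed(policy, origin, { src: 'https://cdn.example/a.js' })); // false
```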

phryneas commented 2 days ago

Note: this only seems to happen in Firefox, not in Chrome.

phryneas commented 2 days ago

Irritatingly, if I build the extension locally, it neither crashes Firefox nor Chrome.

phryneas commented 2 days ago

While I can't find a way to really prevent this, the same is happening with the Redux DevTools and the React DevTools.

I can't really imagine that this has gone unnoticed for so long... maybe it's a regression in Firefox itself?

As I already said, I would expect FF to just continue going after a warning, not crash the whole page 🤔

phryneas commented 2 days ago

I had a chat with the maintainer of the Redux Devtools about this; this could be the way to go @jerelmiller

image