Open TimurBrave opened 2 years ago
Firefox only. Caused by differences in how it enforces a page’s content-security-policy (CSP) for extension content_scripts
injections versus Chrome. Both engines are supposed to execute the scripts in isolated_world and not the page’s context, yet Firefox applies the CSP from the page’s context to the extension’s context.
The underlying issue is somewhere in Firefox metabug #1267027-land. It’s impossible to work around or mitigate from the extension side without tweaking the every webpage’s CSP’s to allow script unsafe-inline
. It shouldn’t be necessary for content_scripts
, and it would never get passed extension review.
Secondarily, the site in question should catch network errors. It has a service worker to do so, it just doesn’t do anything useful with the exception (like display a network error or security message).
I can’t do anything about it.
@da2x, can I make this extension not to work to specified websites which are broken due to the Save Data header? soundcloud.com for instance
Hey man,
I hope you doing well and always have some tea/coffee to drink :)
I found out that with this extension the articles on the right side of the site devdocs.io does't load at all, instead the site show the massage:
Only when this extension is switch off the site start loading articles.
Thanks a lot man & have a great day ;) Timur