deevroman / better-osm-org

A userscript that adds several useful features to osm.org. β

Bypass CSP for img.src in Chromium #33

Open deevroman opened 2 weeks ago

deevroman commented 2 weeks ago

Currently, switching satellite images only works in Firefox. It is implemented by simply replacing the src tag:

https://github.com/deevroman/better-osm-org/blob/00555e8346a6424046e4176ccf0802f5ff944503/better-osm-org.user.js#L749

But this does not work in Chromium, which for some reason takes into account image-src CSP.

  1. Possible workaround

Create an `<img>` with the desired tile using GM_addElement, and call replaceWith()

https://github.com/deevroman/better-osm-org/blob/00555e8346a6424046e4176ccf0802f5ff944503/better-osm-org.user.js#L751-L756

But this breaks Leaflet: when zooming in, new tiles are not loaded (you can get around it by switching tiles twice)

replaceWith probably breaks tile object references that are important for Leaflet. (event handlers?)


I have no idea how to overcome this, or even an understanding of how GM_addElement bypasses CSP.

Interesting points in the ViolentMonkey source code

https://github.com/violentmonkey/violentmonkey/blob/692ffb97743fbbcd549d1ed81969e915125ebfd7/src/injected/content/gm-api-content.js#L31

https://github.com/violentmonkey/violentmonkey/blob/692ffb97743fbbcd549d1ed81969e915125ebfd7/src/background/utils/preinject.js#L625
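
The blocking described in the comment above comes down to source-list matching: when the policy is enforced, an image URL loads only if it matches the page's `img-src` list, or `default-src` when `img-src` is absent. The sketch below is an added example, not code from this issue, better-osm-org or ViolentMonkey; the policy, the hosts and the function names are constructed, and the matcher is simplified to schemes, hosts and ports.

```javascript
// Constructed policy and URLs for illustration; not osm.org's real header.
const SAMPLE_CSP =
  "default-src 'self'; img-src 'self' data: https://*.tile.example.org https://cdn.example.net:8443";
const PAGE = 'https://www.example.org/';

// Split a policy into directive name -> source list (first occurrence wins).
function parseCsp(header) {
  const directives = new Map();
  for (const part of header.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/);
    const key = name.toLowerCase();
    if (key && !directives.has(key)) directives.set(key, sources);
  }
  return directives;
}

// "*.a.b" matches any subdomain of a.b but not a.b itself.
function hostMatches(pattern, host) {
  if (pattern.startsWith('*.')) return host.endsWith(pattern.slice(1));
  return pattern === host;
}

// Simplified matcher: schemes, hosts and ports only (paths and reporting ignored).
function imgAllowed(header, imgUrl, pageUrl) {
  const csp = parseCsp(header);
  const sources = csp.get('img-src') ?? csp.get('default-src'); // img-src falls back to default-src
  if (sources === undefined) return true; // no governing directive, nothing to enforce
  const url = new URL(imgUrl);
  const page = new URL(pageUrl);
  const urlPort = url.port || (url.protocol === 'https:' ? '443' : '80');
  return sources.some((raw) => {
    const src = raw.toLowerCase();
    if (src === "'self'") return url.origin === page.origin;
    if (src === '*') return url.protocol === 'http:' || url.protocol === 'https:';
    if (/^[a-z][a-z0-9+.-]*:$/.test(src)) return url.protocol === src; // scheme-source, e.g. data:
    const m = src.match(/^(?:([a-z][a-z0-9+.-]*):\/\/)?([^/:']+)(?::(\d+|\*))?(?:\/.*)?$/);
    if (!m) return false; // 'none', nonces, hashes and other keywords never match a URL
    const [, scheme, host, port] = m;
    const wanted = (scheme ?? page.protocol.slice(0, -1)) + ':';
    const schemeOk = url.protocol === wanted || (wanted === 'http:' && url.protocol === 'https:');
    const portOk = port === '*' || (port === undefined ? url.port === '' : urlPort === port);
    return schemeOk && hostMatches(host, url.hostname) && portOk;
  });
}
```

A tile host that is not on the list, such as the constructed `imagery.example.com`, fails this check, which is the behaviour reported for Chromium when the `src` of an existing image is swapped.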

deevroman commented 2 weeks ago

Not exactly about CSP, but probably solving this problem will also help to bypass CORS for some imagery