Open fireattack opened 1 month ago
The site explicitly throws on any foreign element added under <html>
node. It's the first time I see such a site. As a workaround you can enable Circumvent CSP 'style-src' via adoptedStyleSheets
in the options.
Bug Report
Bug Description
Injecting any rule, even the ones will not match, would break any websites built with this caseme.io service, including their homepage: https://caseme.io/ (I originally found this bug when visiting another site, https://roitman.io/blog/91.)
There are bunch of errors in console from React:
Screenshots
CSS Code
Any rule would break it. E.g.
System Information
Additional Context