Open aaronliu0130 opened 1 year ago
https://github.com/ohmyzsh/ohmyzsh/tree/master/plugins/catimg
Content Security Policy: The page’s settings blocked the loading of a resource at https://asciinema.org/a/Hr6o4z5O2AMEZKnTTPQenpOot/iframe? (“frame-src”).
This appears to be magically fixed now?
Doesn't work anymore anymore
It would be great if you could port your browser extension from Chrome/ium also to other browsers like Firefox, i.e. making it a cross-compatible browser extension (“WebExtension”).
See https://extensionworkshop.com/documentation/develop/porting-a-google-chrome-extension/ for more information on how to do that.
@rugk But a Firefox extension exists, it's just that it doesn't work.
I k now but maybe the docs can provide some insight here, e.g. here it says:
This randomness can prevent you from doing things, such as adding your extension's URL to another domain's CSP policy.
Or about the CSP of the webextension: https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Content_Security_Policy#default_content_security_policy
But as the CSP of GitHub here is likely an issue if I read it right, this here could explain the difference:
The extent to which the CSP controls loads from content scripts varies by browser. In Firefox, JavaScript features such as eval are restricted by the extension CSP. Generally, most DOM-based APIs are subjected to the CSP of the web page. In Chrome, many DOM APIs are covered by the extension CSP instead of the web page's CSP (crbug 896041).