jsantell
commented
4 years ago Looks like react devtools has the same problem, although possibly only with Firefox, bugzilla/1267027
Open jsantell opened 4 years ago
jsantell
commented
4 years ago Looks like react devtools has the same problem, although possibly only with Firefox, bugzilla/1267027
Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”).Because the contentScript.js injects a payload into the user-space to access the Three objects, CSP settings can prevent inline script injections. No immediately solutions come to mind for debugging arbitrary three scenes, although we might be able to tag the script such that site owners can make an exception to the injected code (maybe by not inlining it and instead reference the allowlisted extension source, maybe an SRI attribute although that'd change for every release).