platform icon indicating copy to clipboard operation
platform copied to clipboard

Published 20 hours ago verified publisher icon dashpay

Need 'unsafe-eval' content_security_policy in WebExtension API

Open ghost opened this issue 4 years ago • 2 comments

Expected Behavior

DashJS loading with the default content_security_policy configured in WebExtension Manifest (Chrome,Firefox Extension)

Current Behavior

Need to set 'unsafe-eval' content_security_policy (which is not allowed if u want to submit the app to the official Chrome/Firefox-Extension-Store)

Context

Here is the description what might be the cause if u need to set 'unsafe-eval': https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Content_Security_Policy#eval%28%29_and_friends

Steps to Reproduce & logs

In Chrome-Wallet i need to set it, else dash.min.js wont load: https://github.com/readme55/Dash-Chrome-Wallet/blob/master/app/manifest.json

ghost avatar Apr 22 '20 16:04 ghost

Discussed in Triage - P1, to fixed as a post v21 priority

SamKirby22 avatar Sep 10 '21 09:09 SamKirby22

~After internal discussion we suggest to lower the priority a bit since browser extensions might not be coming with the initial mainnet release. We might be testing it with our testnet though after providing some simplified solution - what would be useful for the mainnet purpose later on. What do you think about that?~

we will be on it soon, ignore the previous comment

dash-maverick avatar Jan 21 '22 12:01 dash-maverick