ipfs-companion icon indicating copy to clipboard operation
ipfs-companion copied to clipboard
verified publisher icon ipfs

broken subresource redirects when CSP rule does not safelist localhost

Open lidel opened this issue 2 years ago • 1 comments

See https://github.com/SmaugPool/pool.pm/issues/20#issuecomment-1644792534 for repro steps.

CSP blocks image request and it does not load.

Potential fix is to ignore subresource requests with content-security-policy header that blocks loading resource from user's gateway. That way it loads from original URL and we don't break websites.

lidel avatar Jul 20 '23 23:07 lidel

@whizzzkid you should probably peek at this one while working on MV3

SgtPooki avatar Jul 24 '23 22:07 SgtPooki