[CSP] Modify existing content security policy not work #1845
Comments
|
now i use https://chrome.google.com/webstore/detail/disable-content-security/ieelmcmcagommplceebfedjlakkhpden |
|
If it worked earlier you can switch "Modify existing content security policy (CSP) headers" from "Auto" to "Yes". This will restore the old behavior. However, Tampermonkey can't support CSP relaxing in Chrome when manifest v3 becomes mandatory and also won't support CSP relaxing in Firefox in the near future. |
|
I switched to "yes", but it still didn't work. |
|
Then is never worked with a strict page CSP. You have to set the option to "Remove" (which is working fine here) or better use a bundler like webpack to include all sources in one script, or use |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
(Please fill out the issue template with your details)
Expected Behavior
Modify existing content security policy (CSP) headers: Remove entirely (possibly unsecure)
Actual Behavior
not work, cannot remove csp headers
still show "Refused to load the script 'https://esm.sh/octokit' because it violates the following Content Security Policy directive"
Seems to have a version before is valid. I remember when I first wrote this script (a month ago) it worked.
Specifications
Script
(Please give an example of the script if applicable.)
The text was updated successfully, but these errors were encountered: