Edit Content Security Policy In OnHeadersReceived

September 07, 2022 Post a Comment

I'm developing a small chrome extension for myself to embed an iframe into the website. Content Security Policy makes this difficult, since the frame-src directive on a few website

Solution 1:

The sources from which you can load iframes are restricted by the CSP of their parent frame.

If you want to embed your iframe into the main frame, you need to change the CSP header in the main frame. Change types: [ "sub_frame" ] in your code above to types: [ "main_frame" ] to do that.

Also please note that manipulation of headers using chrome.webRequest.onHeadersReceived is not very reliable. Only one extension at a time can modify them, so other extensions that do so may break your extension.

Baca Juga

Magento Sort Product List With Isotope Or Masonry
Jquery Capture The Word Value
Javascript Expand/collapse Text - Collapse On Default

JavaScript Passion

Edit Content Security Policy In OnHeadersReceived

Solution 1:

Post a Comment for "Edit Content Security Policy In OnHeadersReceived"