Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

$csp rules must be disabled if there's a document-level exception applied to the website #1093

Closed
ameshkov opened this issue Sep 7, 2018 · 1 comment
Assignees
Milestone

Comments

@ameshkov
Copy link
Member

@ameshkov ameshkov commented Sep 7, 2018

See the full spec here:
AdguardTeam/CoreLibs#15

This part is new:

  • @@||example.org^$document or @@||example.org^$urlblock — disables all the $csp rules on all the pages matching the rule pattern.
@ameshkov ameshkov added this to the 3.0 milestone Sep 7, 2018
@ameshkov ameshkov changed the title csp rules must be disabled if there's a document-level exception applied to the website $csp rules must be disabled if there's a document-level exception applied to the website Sep 7, 2018
@ameshkov ameshkov assigned Mizzick and unassigned maximtop Oct 2, 2018
@ameshkov ameshkov assigned maximtop and unassigned Mizzick Nov 7, 2018
@maximtop

This comment has been minimized.

Copy link
Contributor

@maximtop maximtop commented Dec 25, 2018

To test this issue go to the page https://maximtop.github.io/csp-rules/
You should see images
in the user's rules add
||maximtop.github.io^$csp=img-src 'none'

reload the page, images won't load
add rule
@@||maximtop.github.io^$urlblock
or
@@||maximtop.github.io^$document
reload the page
images should present again on the page because whitelist rules with $urlblock or $document modifier cancel block rules

@zzebrum zzebrum closed this Jan 9, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
4 participants
You can’t perform that action at this time.