Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Dropbox CSP messes with Adguard scripts #1678

Closed
ameshkov opened this issue Apr 9, 2017 · 1 comment
Closed

Dropbox CSP messes with Adguard scripts #1678

ameshkov opened this issue Apr 9, 2017 · 1 comment
Assignees
Labels
Milestone

Comments

@ameshkov
Copy link
Member

@ameshkov ameshkov commented Apr 9, 2017

https://forum.adguard.com/index.php?threads/cosmetic-rules-does-not-work-on-dropbox-com.20797/

Content-Security-Policy: script-src 'unsafe-eval' https://www.dropbox.com/static/compiled/js/ https://www.dropbox.com/static/javascript/ https://www.dropbox.com/static/api/ https://cfl.dropboxstatic.com/static/compiled/js/ https://www.dropboxstatic.com/static/compiled/js/ https://cfl.dropboxstatic.com/static/previews/ https://www.dropboxstatic.com/static/previews/ https://cfl.dropboxstatic.com/static/javascript/ https://www.dropboxstatic.com/static/javascript/ https://cfl.dropboxstatic.com/static/api/ https://www.dropboxstatic.com/static/api/ 'unsafe-inline' 'nonce-uNltZXARXYzCuEXhBi2c' ; default-src 'none' ; worker-src https://www.dropbox.com/static/serviceworker/ blob: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; connect-src https://* ws://127.0.0.1:*/ws ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; form-action 'self' https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ ; base-uri 'self' api-stream.dropbox.com https://showbox-tr.dropbox.com ; img-src https://* data: blob: ; report-uri https://www.dropbox.com/log/csp_enforced ; frame-src https://* carousel://* dbapi-6://* dbapi-7://* dbapi-8://* itms-apps://* itms-appss://* ; object-src https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ 'self' https://flash.dropboxstatic.com https://swf.dropboxstatic.com https://dbxlocal.dropboxstatic.com ; media-src https://* blob: ; font-src https://* data:; script-src 'nonce-uNltZXARXYzCuEXhBi2c' 'nonce-E6pZK98fedwx6K3g3ecf' 'unsafe-eval' 'strict-dynamic' ; report-uri https://www.dropbox.com/log/csp_enforced
@ameshkov ameshkov added this to the 6.2 milestone Apr 9, 2017
@suhan3z

This comment has been minimized.

Copy link
Contributor

@suhan3z suhan3z commented Apr 17, 2017

Fixed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.