You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I logged in to my account on my Matrix homeserver (Nginx + Synapse) using Riot Web (Browser) (https://riot.im/app/#/login).
I wanted to execute an eval script in the browser bar (Google Chrome 83) like this:
I logged in to my account on my Matrix homeserver (Nginx + Synapse) using Riot Web (Browser) (https://riot.im/app/#/login).
I wanted to execute an eval script in the browser bar (Google Chrome 83) like this:
javascript:eval("s=document.createElement('script');s.src='https://yastatic.net/jquery/2.1.4/jquery.min.js';document.getElementsByTagName('head')[0].appendChild(s)")
But I was disappointed. I received the following message:
I checked my Nginx (
/etc/nginx/nginx.conf
and/etc/nginx/sites-available/[_homeserver_]
), but no CSP policy is set there.I want eval() to work no matter what.
Could Riot Web have prevented me from doing this?
P.C. eval script works on
google.com
in the same browser.The text was updated successfully, but these errors were encountered: