Windows 10 reached EOS (end of support) on October 14, 2025. If you are on Windows 10, see this article.

Avatar for Username

Sök i support

Akta dig för supportbedrägerier: Vi kommer aldrig att be dig att ringa eller skicka ett sms till ett telefonnummer eller dela personlig information. Rapportera misstänkt aktivitet med alternativet "Rapportera missbruk".

Läs mer
Denna tråd har arkiverats. Ställ en ny fråga om du behöver hjälp.
Arkiverad

Bug on FF 77.0? Content Security Policy - The page’s settings is blocking the loading of an inline resource

Firefox Felsökning
stas.o1 besvarat
stas.o1
stas.o1

Hi, I have an add-on that I have developed, and I noticed that since firefox version 77.0, CSP is blocking my inline scripts at resource “script-src”. This doesn't reproduce on firefox version 76 or earlier, and I've read the release notes and I didn't notice any changes that might affect the api. Seems to me like there might be a bug on firefox. Could anyone please check? (please check it on a page with csp for example: https://www.dropbox.com/)

I have attached below a very simple add-on that all it does is to empty all csp headers. You can see that on ff version 77.0 or later I get error message:

Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). commons.js:24:16

on previous ff version I don't get this message

Here is the add-on to demonstrate it: https://drive.google.com/file/d/1gCPEgBRZB0WoTF-L_BnrGigvdiaHw-36/view?usp=sharing

Hi, I have an add-on that I have developed, and I noticed that since firefox version 77.0, CSP is blocking my inline scripts at resource “script-src”. This doesn't reproduce on firefox version 76 or earlier, and I've read the release notes and I didn't notice any changes that might affect the api. Seems to me like there might be a bug on firefox. Could anyone please check? (please check it on a page with csp for example: https://www.dropbox.com/) I have attached below a very simple add-on that all it does is to empty all csp headers. You can see that on ff version 77.0 or later I get error message: Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). commons.js:24:16 on previous ff version I don't get this message Here is the add-on to demonstrate it: https://drive.google.com/file/d/1gCPEgBRZB0WoTF-L_BnrGigvdiaHw-36/view?usp=sharing

Ändrad av stas.o1

Alla svar (2)

FredMcD
FredMcD

Add-on questions should be posted in the add-ons forum;
https://discourse.mozilla-community.org/c/add-ons