Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: mv2 firefox csp header #27770
base: develop
Are you sure you want to change the base?
fix: mv2 firefox csp header #27770
Changes from 1 commit
f8014e2
51e7033
c6bd1bd
1905247
cd551fd
a35b17e
d1a84c2
885c320
ba383e4
c048d41
dc0d053
95b3ad8
ab2896d
9a7cd35
d1e0bce
267a35c
52053ab
8f68b2a
9baaa86
fe9188e
f32f598
2e53360
f72aa1d
a939b23
fe6f667
File filter
Filter by extension
Conversations
Jump to
There are no files selected for viewing
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We might want to check some additional properties before overriding the CSP headers, as there is no reason to modify the headers if we aren't going to end up injecting inpage.js.
For example, we only every try injecting the inpage provider when our function
shouldInjectProvider
returnstrue
. We can't useshouldInjectProvider
as is here in the background script, becauseshouldInjectProvider
uses the page'sdocument
andwindow
in its checks, but we could use parts of it (with a little refactoring).If
suffixCheck
andblockedDomainCheck
could be refactored to take aURL
as a param, instead of relying onwindow.location
as they do now, we could use these existing functions to further limit when we might modify the CSP headers.