Scenario
I have been trying to use Firebase CDN for my Chrome Extension. When I try to do that, I get an error stating that the CSP is not allowing inline Javascript to execute.
Error
The CSP has blocked inline Javascript, stating that XSS is possible. While I don't want that to happen, I do want to implement Firebase.
Work done so far
First, I tried creating a nonce with a meta tag. That didn't work. Then I tried exporting it to another file, but it tells me script-src blocked the Javascript.
So, what I'm I supposed to do?from How to use Firebase CDN in Chrome Extension bypassing CSP restrictions
No comments:
Post a Comment