![]() ![]() And the Google Analytics script, as it doesn't provide a nonce pass, it doesn't even execute. What does that page do? It shows that despite it prevents external JS files, it allows the external JS by using the nonce attribute but also it blocks the inline script that doesn't match the nonce password. In the past I did tests to check support with the following page, just to do the opposite, block Google Analytics and prevent users to be tracked: ![]() Similar might happen with Goanna 3.5, I don't know its release timing, but, anyway, Palemoon has been always behind since they forked to Goanna. In fact, on Gecko 31, so K-meleon 75.x ~2015-2016, there isn't support by just "a split second" on the release/engine embedding timing.ĭespite what MDN says, is not available to all Gecko 31 CSP harms users that want to change pages contents (us) but, for the average, it is needed, as, for nonce, prevent add-ons to behave wildly injecting JS and breaking users security.ĬSP 2.0, which added the nonce policy, has been there for long ago:Ĭontent Security Policy nonce explanation and support (almost at the end) ![]() Isn't it funny - GoogleMAIL, GoogleIMAGES, and Google-YOUTUBE insist on this, oh well. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |