8/12/2023 0 Comments Ublock orgin![]() So if you globally disable CSP reporting in uBO, this will also apply to behind-the-scene network requests. The behind-the-scene network requests that are actual CSP reports will get filtered out by this setting. This per-site switch is to address this shortcoming. There is no easy way to toggle CSP reporting in either Chromium or Firefox. User agents MUST allow users to disable reporting with some reasonable amount of granularity in order to maintain the priority of constituencies espoused in. Sending reports costs bandwidth, and potentially could reveal some small amount of additional information above and beyond what a website can obtain in-band (, for instance). That said, it can’t be the case that this general benefit be allowed to take priority over the ability of a user to individually opt-out of such a system. The purpose of CSP reporting is strictly a development tool for websites.Ĭonsider this excerpt from Reporting API / Privacy Considerations (my emphasis): ![]() Important: disabling CSP reporting is not something that will break web pages. You can block network requests made as a result of your browser reporting Content Security Policy violations ("CSP reports") to a remote server (which can be 3rd-party to the site where the violation occurred). In 1.31.3rc1, blocking CSP reports was enabled in Firefox to mitigate fingerprinting attempts described in LiCybora/NanoDefenderFirefox#196.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |