Feature #34
improve CSP injection blocking
Status:
Closed
Priority:
Normal
Assignee:
-
Start date:
07/01/2021
Due date:
% Done:
0%
Estimated time:
Description
There are some possible pathological cases like <script>
before <head>
. We should make sure CSP <meta>
tag we injects works for all corner cases.
Keep in mind we also have another script-blocking mechanisms employed simultaneously, so this is not as bad as it might seem.