Project

General

Profile

Bug #89

Restore, to the extent necessary, the script sanitizing functionality

Added by koszko 5 months ago. Updated 5 months ago.

Status:
Closed
Priority:
Immediate
Assignee:
-
Start date:
09/04/2021
Due date:
% Done:

100%

Estimated time:

Description

Sanitizing of <script> tags was recently dropped because it seemed sufficient to rely on CSP rules being injected. The overlooked fact that under Chromium CSP is not applied to DOM elements added by content scripts causes re-added <html> node to have all its original <script>s executed

History

#1

Updated by koszko 5 months ago

  • % Done changed from 0 to 100
  • Status changed from New to Closed

Merged to master

Also available in: Atom PDF