Add undetectable tainted domains
-
A domain is tainted when Content Security Policies do not allow Decentraleyes to inject bundled resources. I'm adding more and more detection mechanisms, but also maintain a list of currently undetectable tainted domains to make sure this add-on does not break any major websites.
It is expected that these injection issues can be fully resolved by porting the add-on to
WebExtensions
(this depends on the final, stable, implementation of the interface). So, with a bit of luck, Decentraleyesv2.0.0
and onwards will not be affected by these complicated restrictions.All CDN resources requested by known tainted domains will be treated as missing.
-
Created by: Gitoffthelawn
Thanks Thomas. Makes sense. Hopefully WebExtensions will resolve this.
When you say "All CDN resources requested by known tainted domains will be treated as missing", do you mean the site will simply not receive the resource or that it will load it from the CDN?
-
When you say "All CDN resources requested by known tainted domains will be treated as missing", do you mean the site will simply not receive the resource or that it will load it from the CDN?
That depends on the user's add-on preferences. Requests for unavailable libraries are allowed through unless the end-user activates "block requests for missing resources" in settings.