Author Topic: Firefox CSP Issue may cause extension conflicts  (Read 825 times)

0 Members and 1 Guest are viewing this topic.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19557
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Firefox CSP Issue may cause extension conflicts
« on: May 23, 2019, 06:14:57 PM »
From Firefox CSP Issue may cause extension conflicts - gHacks Tech News:
Quote
Mozilla Firefox has an issue right now that is causing conflicts if multiple extensions are installed that modify CSP headers on visited sites.

CSP, which stands for Content Security Policy, is a security addition that sites may use to detect and mitigate certain attack types such as Cross Site Scripting or data injections.

Browser extensions may use CSP injection to modify headers. The popular content blocker uBlock Origin may use it to block remote fonts from loading on pages visited in the browser, and Canvas Blocker uses it to block data URL pages.

The referenced article includes a link that ghacks maintains of extensions known to use CSP.  In addition to uBlock Origin, the list includes popular extensions including HTTPS Everywhere and others.

If you use uBlock Origin on Firefox and are experiencing issues, try the following solution for uBlock Origin: 
  • Tools > Add-ons > Extensions > uBlock Origin
  • Dashboard > Settings > UNcheck "Block remote fonts" under Default Behavior.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.