Firefox CSP Issue may cause extension conflicts

Started by Corrine, May 23, 2019, 07:14:57 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Corrine

May 23, 2019, 07:14:57 PM
From Firefox CSP Issue may cause extension conflicts - gHacks Tech News:
QuoteMozilla Firefox has an issue right now that is causing conflicts if multiple extensions are installed that modify CSP headers on visited sites.

CSP, which stands for Content Security Policy, is a security addition that sites may use to detect and mitigate certain attack types such as Cross Site Scripting or data injections.

Browser extensions may use CSP injection to modify headers. The popular content blocker uBlock Origin may use it to block remote fonts from loading on pages visited in the browser, and Canvas Blocker uses it to block data URL pages.

The referenced article includes a link that ghacks maintains of extensions known to use CSP.  In addition to uBlock Origin, the list includes popular extensions including HTTPS Everywhere and others.

If you use uBlock Origin on Firefox and are experiencing issues, try the following solution for uBlock Origin: 

  • Tools > Add-ons > Extensions > uBlock Origin
  • Dashboard > Settings > UNcheck "Block remote fonts" under Default Behavior.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.
Print
Go Up Pages1
User actions