hiro/tridactyl
1
0
Fork 0
mirror of https://github.com/vale981/tridactyl synced 2025-03-04 17:11:40 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Clarify .tridactylrc

Browse source
This commit is contained in:
Janek 2022-07-27 22:42:49 +02:00 committed by GitHub
parent 69e57485b9
commit e4cafb71c1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
.tridactylrc
View file

@ -122,14 +122,14 @@
" " For details, read the comment at the top of this file. " " For details, read the comment at the top of this file.
" fixamo_quiet " fixamo_quiet
" "
" " The following modification allows Tridactyl to function on more pages, e.g. raw GitHub pages.
" " You may not wish to run this. Mozilla strongly feels that you shouldn't.
" " Read https://wiki.mozilla.org/Security/CSP#Goals for more information.
" "
" " Equivalent to `set csp clobber` before it was removed. " " Equivalent to `set csp clobber` before it was removed.
" " This weakens your defences against cross-site-scripting attacks " " This weakens your defences against cross-site-scripting attacks
" " and other types of code-injection by reducing the strictness " " and other types of code-injection by reducing the strictness
" " of Content Security Policy on all sites in a couple of ways. " " of Content Security Policy on all sites in a couple of ways.
" "
" " You may not wish to run this. Mozilla strongly feels that you shouldn't.
" "
" " It allows Tridactyl to function on more pages, e.g. raw GitHub pages.
" " " "
" " We remove the sandbox directive " " We remove the sandbox directive
" " https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox " " https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox
@ -138,9 +138,7 @@
" " We weaken the style-src directive " " We weaken the style-src directive
" " https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src " " https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src
" " to allow us to theme our elements. " " to allow us to theme our elements.
" " This exposes you to 'cross site styling' attacks. " " This exposes you to 'cross site styling' attacks
" "
" " Read https://wiki.mozilla.org/Security/CSP#Goals for more information.
" jsb browser.webRequest.onHeadersReceived.addListener(tri.request.clobberCSP,{urls:["<all_urls>"],types:["main_frame"]},["blocking","responseHeaders"]) " jsb browser.webRequest.onHeadersReceived.addListener(tri.request.clobberCSP,{urls:["<all_urls>"],types:["main_frame"]},["blocking","responseHeaders"])
" "
" " Make quickmarks for the sane Tridactyl issue view " " Make quickmarks for the sane Tridactyl issue view