Skip to main content

Content Security Policy

As made clear by the CSP spec, browser bookmarklets shouldn't be affected by CSP. [..]

But, none of the browsers get this correct. All cause CSP violations and prevent the bookmarklet from functioning.

Though its highly discouraged, you can disable CSP in Firefox as a temporary workaround. Open up about:config and set security.csp.enable to false.

Finally I can bookmark github.com pages though my Firefox bookmarklets again. Wasn't aware that CSP was the culprit...

Link

nixCraft's tweet

Lol. Sad and true. Via https://xkcd.com/1553/

Link

Listening to h01ger's talk on https://reproducible-builds.org/ - interesting concept regarding security. Will this become standard one day?