alt Hacker NewsQuestion is, can you sidestep or disable them in user scripts or in developer tools, without disabling CSP entirely or doing something even more invasive (and generally precluding use of that browser instance for browsing)?
Question is, can you sidestep or disable them in user scripts or in developer tools, without disabling CSP entirely or doing something even more invasive (and generally precluding use of that browser instance for browsing)?
We made sure to exclude WebExtensions code from web pages's Trusted Types restrictions enforcement. (Bugs can happen of course)