by kretor 2525 days ago
This has been reported before, though not for extensions specifically: https://bugs.chromium.org/p/chromium/issues/detail?id=329125

The result back then was that the reported behavior is in accordance with the CSP spec, so the issue was closed.

Maybe Chrome should change their default CSP for extensions that haven't declared one though to disallow blob: URLs.