Y
Hacker News
new
|
ask
|
show
|
jobs
by
davidmurdoch
433 days ago
We modified the CSP to inject a per user generated nonce that exempts it script from the policy.
They said this was not allowed and removed it from the extension store.