|
|
|
|
|
|
by 1vuio0pswjnm7
15 days ago
|
|
|
To be clear, there are Firefox add-ons distributed at addons.mozilla.org that allow the user to add/modify/delete HTTP response headers and bodies One can use these to insert a Content-Security-Policy, either via HTTP header or <meta> tag, that disables Javascript and CSS Personally, I use a local forward proxy to insert HTTP response headers, not a browser add-on, for experimentation and learning As a matter of practice, I read HTML with a customised text-only browser that does not auto-load resources, nor does it interpret Javascript or CSS. There is no DNS prefetching or other nonsense. As such, a "Content Security Policy" is not necessary |
|
|