segment-boneyard/nightmare

Bypass CSP (Content Security Policy)

Open

#889 aperta il 15 nov 2016

Vedi su GitHub
 (5 commenti) (0 reazioni) (0 assegnatari)JavaScript (1076 fork)batch import
Help Wanted

Metriche repository

Star
 (19.507 star)
Metriche merge PR
 (Nessuna PR mergiata in 30 g)

Descrizione

I am trying to bypass CSP in order to run some eval() code or spawn web workers.

I found this issue on electron: https://github.com/electron/electron/issues/3430 which suggests using webFrame.registerURLSchemeAsBypassingCSP(scheme) http://electron.atom.io/docs/api/web-frame/#webframeregisterurlschemeasbypassingcspscheme

I have tried to do that in a preloader script but it doesn't seem to affect the page's policy.

Have you ever faced this or have any clue what might be wrong or a possible solution?

Thanks!

Guida contributor