Skip to content

Commit ac65dd7

Browse files
save file
1 parent 6377f40 commit ac65dd7

File tree

1 file changed

+32
-5
lines changed

1 file changed

+32
-5
lines changed

blog/25-12-04/bypass-csp/bypass-csp.html

Lines changed: 32 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -128,7 +128,7 @@
128128
</script init>
129129

130130

131-
<link rel=stylesheet href='https://fonts.googleapis.com/css2?family=Pacifico&display=swap'>
131+
<link rel=stylesheet href='https://fonts.googleapis.com/css2?family=Pacifico&display=swap' crossorigin=anonymous>
132132
<link rel=stylesheet href='/blog/css/blog.css'>
133133

134134
<style>
@@ -209,7 +209,10 @@
209209

210210
blog-hdr h1
211211
{font-family:pacifico}
212-
212+
213+
.br
214+
{margin-top: 1.5em}
215+
213216
</style>
214217

215218
</head>
@@ -230,21 +233,45 @@ <h1 class=title style='position:absolute;left:0;right:0;margin:auto;top:-10px'>
230233

231234
<div class=description>
232235
<p>
236+
I was in the process of answer this question
237+
<br>
238+
<br>
239+
<a href='https://stackoverflow.com/questions/79833235/is-it-possible-to-connect-to-a-local-python-server-using-secure-web-sockets-from'>
240+
Is it possible to connect to a local Python server using secure web sockets from a browser console on an HTTPS webpage?
241+
<span class=link-domain>
242+
stackoverflow.com
243+
</span>
244+
</a>
245+
<br>
246+
<br>
247+
but i didnt qant to get -1'd for no reason ...
248+
<a href='https://stackoverflow.com/questions/28099493/running-ffmpeg-in-browser-options/79820132#79820132'>
249+
Running ffmpeg in browser - options?
250+
<span class=link-domain>
251+
stackoverflow.com
252+
</span>
253+
</a>
254+
<br>
255+
<br>
256+
so i thought i'd write a blog post about it anyway
257+
<br>
258+
<br>
233259
Discover how to overcome the content-security-policy for a website.
234260
</p>
235261
</div>
236262

237263

238264
<h3 class=blog-hdr>
239-
Manidest v2
265+
Manifest v2
240266
</h3>
241267

242268
<section class=blog-text>
243269
so right off the bat, manifest v2 is capable of removing the contest-security-policy on a web request<br>
244-
<br>
245270
firefox still ( currently, at the time of writing ) supports manifest v2, it has the bindings for manifest v3 but
246271
they are just stubs that do nothing<br>
247-
<br>
272+
273+
<div class=br></div>
274+
248275
chromium and hence google chrome, edge, brave, opera and any of the myriad of browsers that are based on chromium do
249276
not support manifest v2<br>
250277
<br>

0 commit comments

Comments
 (0)