From ab2b39ce6ed50bfd763dc5d8b7ea0be250ae5a2a Mon Sep 17 00:00:00 2001 From: hackademix Date: Tue, 12 Nov 2024 09:35:37 +0100 Subject: [PATCH] Remove uuid from DNR reporting CSP to prevent it from being abused for tracking. --- src/bg/DNRPolicy.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/bg/DNRPolicy.js b/src/bg/DNRPolicy.js index e41f3bc..d153bde 100644 --- a/src/bg/DNRPolicy.js +++ b/src/bg/DNRPolicy.js @@ -81,7 +81,7 @@ const reportingCSP = `${reportedCaps .map(cap => `${cap}-src 'none'`) .join(';') - }; report-to noscript-reports-${uuid()}`; // see /content/content.js securitypolicyviolation handler + }; script-src-elem 'none'; report-to noscript-reports-dnr`; // see /content/content.js securitypolicyviolation handler let updatingSemaphore;