discoveryjs/JsonDiscovery

Can't view json if server using CSP `sandbox`

Closed this issue · 2 comments

Server response headers has: content-security-policy: sandbox allow-same-origin.
It is a blank window. I don't see any content.

There are errors:

Blocked script execution in 'https://jira.xxx.com/secure/attachment/1318184/timezones.json' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.

[JsonDiscovery] Failed to parse JSON TypeError: s is not a function
    at Pe (chrome-extension://p…clo/init.js:1:20392)

Chrome 103.0.5060.114
Version from store: https://chrome.google.com/webstore/detail/jsondiscovery/pamhglogfolfbmlpnenhpeholpnlcclo

exdis commented

Thanks for the report. We are aware of this problem and already working on it.

exdis commented

Hey @Semigradsky! I apologize for the delay but finally the release is published, and such errors should not occur anymore. Also on pages with similar CSP policies extension should work correctly and not rollback to display plain JSON.
You can grab bundled extension on the release page or you can wait for a while for it to be updated in the Chrome WebStore (the release has already been uploaded there and is waiting to be verified, also the release is already verified and available in Mozilla Add-ons).
If you come across any more errors, please let me know.