Can't view json if server using CSP `sandbox`
Semigradsky opened this issue · 2 comments
Server response headers has: content-security-policy: sandbox allow-same-origin.
It is a blank window. I don't see any content.
There are errors:
Blocked script execution in 'https://jira.xxx.com/secure/attachment/1318184/timezones.json' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
[JsonDiscovery] Failed to parse JSON TypeError: s is not a function
at Pe (chrome-extension://p…clo/init.js:1:20392)
Chrome 103.0.5060.114
Version from store: https://chrome.google.com/webstore/detail/jsondiscovery/pamhglogfolfbmlpnenhpeholpnlcclo
Thanks for the report. We are aware of this problem and already working on it.
Hey @Semigradsky! I apologize for the delay but finally the release is published, and such errors should not occur anymore. Also on pages with similar CSP policies extension should work correctly and not rollback to display plain JSON.
You can grab bundled extension on the release page or you can wait for a while for it to be updated in the Chrome WebStore (the release has already been uploaded there and is waiting to be verified, also the release is already verified and available in Mozilla Add-ons).
If you come across any more errors, please let me know.