Website CSP prevents evaluating code in page

Question

Website CSP prevents evaluating code in page

Closed this issue 3 years ago · 5 comments

OS Version: Linux x86-64 4.8.17-040817-generic, KDE SC 4.13.2
Browser Version: Firefox 83 (64bit)
Browser Addon Version: 0.1.32
Neovim Plugin Version: 0.1.32
What I tried to do:
- Does not work at https://hosted.weblate.org/ at all on any editable field.
What happened:
- For the first time text fields can not be focused and edited, the second attempt (after page reloading) allows editing but without firenvim's features.
- I have tried clean Firefox profile with only firenvim installed.
- Other sites works well.

Answer 1 · 2020-12-02T05:02:18.000Z

This happens because the site's CSP prevents evaluating code in the page. There's nothing I can do unfortunately :/. You can permanently disable firenvim on this website with the following configuration:

let g:firenvim_config = {
  \ 'localSettings': {
    \ 'https?://hosted\.weblate\.org': {
      \ 'takeover': 'never'
    \ }
  \ }
\ }

Answer 2 · 2020-12-02T21:12:32.000Z

Thanks for explanation. Creator of weblate.org does not care about nvim embedding see: WeblateOrg/weblate#4963 (comment)

Answer 3 · 2020-12-02T22:18:08.000Z

How does this relate to #145?

Answer 4 · 2020-12-03T05:41:13.000Z

@alerque It falls in the same category as #145 but while #145 will be fixed by the patch I sent to Mozilla, #811 won't.

@zbyna I'll re-open this issue, maybe one day I'll find the time to write a firefox patch to fix this :)

Answer 5 · 2021-09-25T18:47:02.000Z

It took a lot of effort but I managed to fix this on master. The fix will reach you once I publish a new release :)