You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We're going to be using the trusted-types scriptlet to counter YouTube ads: brave/adblock-lists#1933 (currently in Experimental, will be rolled out to all soon). Overriding Trusted Types is potentially dangerous, since the website puts the policy in place to prevent XSS attacks.
We don't currently use the trusted-types scriptlet anywhere else, but we should not accidentally inherit it from upstream. I propose checking this during the adblock lists packaging job. Note that we want to make sure we don't accidentally block the YT rule, so we should allow that one in particular.
The text was updated successfully, but these errors were encountered:
We're going to be using the trusted-types scriptlet to counter YouTube ads: brave/adblock-lists#1933 (currently in Experimental, will be rolled out to all soon). Overriding Trusted Types is potentially dangerous, since the website puts the policy in place to prevent XSS attacks.
We don't currently use the trusted-types scriptlet anywhere else, but we should not accidentally inherit it from upstream. I propose checking this during the adblock lists packaging job. Note that we want to make sure we don't accidentally block the YT rule, so we should allow that one in particular.
The text was updated successfully, but these errors were encountered: