You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Just wanted to quickly report a problem that I have seen with certain websites which specify a CSP (Content Security Policy), such as GitHub avatar URLs. The inline styles for the canvas element are prevented to load because of the CSP directives. The inline styles are being added in addStyleElement():
The height="868" and width="32" attributes on the canvas, when not applied with the styles cause a large empty space at the top, which pushes other content down - in the GitHub avatar example, it appears as if the image is having trouble loading (really, it's just further down on the page, if the user scrolls):
Maybe the canvas can be hidden in other ways for websites specifying a CSP (or if there are other problems with the CSP, maybe the CSP could be overridden with a nonce from the extension, randomly generated on each page load)
Hi @neaumusic, thanks again for this extension! 🙌
Just wanted to quickly report a problem that I have seen with certain websites which specify a CSP (Content Security Policy), such as GitHub avatar URLs. The inline styles for the canvas element are prevented to load because of the CSP directives. The inline styles are being added in
addStyleElement():https://github.com/neaumusic/selection-highlighter/blob/d742eab49fb4fb7ddc86048005984aec1e086431/src/chrome_extension/content_script/utils.ts#L7-L31
The
height="868"andwidth="32"attributes on thecanvas, when not applied with the styles cause a large empty space at the top, which pushes other content down - in the GitHub avatar example, it appears as if the image is having trouble loading (really, it's just further down on the page, if the user scrolls):Demo URL: https://avatars.githubusercontent.com/u/3423750?v=4
Kapture.2023-08-20.at.11.04.03.mp4
Maybe the canvas can be hidden in other ways for websites specifying a CSP (or if there are other problems with the CSP, maybe the CSP could be overridden with a nonce from the extension, randomly generated on each page load)