CSPBlocker by Carlos Jeurissen
Block certain web features to improve security, privacy and performance.
You'll need Firefox to use this extension
Extension Metadata
About this extension
The goal of this extension is to gain back control over your browser by blocking web features a website doesn't need.
For now, it supports these features:
Web Fonts
This blocks any custom web fonts a website may ask for. It's blocked by adding an additional content-security-policy with font-src set to 'none'.
Objects (Java / Flash)
This blocks any object a website might try to load. This includes java and flash applets. Again this is achieved with a content-security-policy, by setting object-src to 'none'.
Reporting apis
This blocks any reporting a website might want to do. This can include netwerk issues, content security policy violations, and more. We achieve this by removing the report-to and content-security-policy-report-only headers from any sub/main frame requests. In addition, any content security policy report gets blocked and never sent to the websites server.
Workers
This blocks any workers a website may ask for. This can be used to block serviceworkers, which can be used to spam the user with notifications, keep running in the background and more. This is blocked by setting worker-src to 'none' in the content-security-policy header.
This extension is still in development. In the future, you will be able to select what features it should or should not be blocking. In addition, further controls will be added so you can control what websites should receive what exceptions.
For now, it supports these features:
Web Fonts
This blocks any custom web fonts a website may ask for. It's blocked by adding an additional content-security-policy with font-src set to 'none'.
Objects (Java / Flash)
This blocks any object a website might try to load. This includes java and flash applets. Again this is achieved with a content-security-policy, by setting object-src to 'none'.
Reporting apis
This blocks any reporting a website might want to do. This can include netwerk issues, content security policy violations, and more. We achieve this by removing the report-to and content-security-policy-report-only headers from any sub/main frame requests. In addition, any content security policy report gets blocked and never sent to the websites server.
Workers
This blocks any workers a website may ask for. This can be used to block serviceworkers, which can be used to spam the user with notifications, keep running in the background and more. This is blocked by setting worker-src to 'none' in the content-security-policy header.
This extension is still in development. In the future, you will be able to select what features it should or should not be blocking. In addition, further controls will be added so you can control what websites should receive what exceptions.
Rated 4 by 2 reviewers
Permissions and dataLearn more
Required permissions:
- Access your data for all websites
More information
- Add-on Links
- Version
- 0.0.5
- Size
- 12.37 KB
- Last updated
- 2 years ago (Oct 18, 2023)
- Related Categories
- License
- All Rights Reserved
- Version History
- Add to collection
Support this developer
The developer of this extension asks that you help support its continued development by making a small contribution.
Release notes for 0.0.5
More extensions by Carlos Jeurissen
There are no ratings yet- There are no ratings yet
- There are no ratings yet
- There are no ratings yet
- There are no ratings yet
- There are no ratings yet