CSPBlocker by Carlos Jeurissen
ExperimentalExperimental
Block certain web features to improve security, privacy and performance.
You'll need Firefox to use this extension
Extension Metadata
About this extension
The goal of this extension is to gain back control over your browser by blocking web features a website doesn't need.
For now, it supports these features:
Web Fonts
This blocks any custom web fonts a website may ask for. It's blocked by adding an additional content-security-policy with font-src set to 'none'.
Objects (Java / Flash)
This blocks any object a website might try to load. This includes java and flash applets. Again this is achieved with a content-security-policy, by setting object-src to 'none'.
Reporting apis
This blocks any reporting a website might want to do. This can include netwerk issues, content security policy violations, and more. We achieve this by removing the report-to and content-security-policy-report-only headers from any sub/main frame requests. In addition, any content security policy report gets blocked and never sent to the websites server.
Workers
This blocks any workers a website may ask for. This can be used to block serviceworkers, which can be used to spam the user with notifications, keep running in the background and more. This is blocked by setting worker-src to 'none' in the content-security-policy header.
This extension is still in development. In the future, you will be able to select what features it should or should not be blocking. In addition, further controls will be added so you can control what websites should receive what exceptions.
For now, it supports these features:
Web Fonts
This blocks any custom web fonts a website may ask for. It's blocked by adding an additional content-security-policy with font-src set to 'none'.
Objects (Java / Flash)
This blocks any object a website might try to load. This includes java and flash applets. Again this is achieved with a content-security-policy, by setting object-src to 'none'.
Reporting apis
This blocks any reporting a website might want to do. This can include netwerk issues, content security policy violations, and more. We achieve this by removing the report-to and content-security-policy-report-only headers from any sub/main frame requests. In addition, any content security policy report gets blocked and never sent to the websites server.
Workers
This blocks any workers a website may ask for. This can be used to block serviceworkers, which can be used to spam the user with notifications, keep running in the background and more. This is blocked by setting worker-src to 'none' in the content-security-policy header.
This extension is still in development. In the future, you will be able to select what features it should or should not be blocking. In addition, further controls will be added so you can control what websites should receive what exceptions.
Rate your experience
Support this developer
The developer of this extension asks that you help support its continued development by making a small contribution.
PermissionsLearn more
This add-on needs to:
- Access your data for all websites
More information
- Add-on Links
- Version
- 0.0.5
- Size
- 12.37 KB
- Last updated
- a year ago (Oct 18, 2023)
- Related Categories
- License
- GNU General Public License v2.0 only
- Version History
Add to collection
Release notes for 0.0.5
More extensions by Carlos Jeurissen
- There are no ratings yet
- There are no ratings yet
- There are no ratings yet
- There are no ratings yet
- There are no ratings yet
- There are no ratings yet