mirror of
https://github.com/iv-org/invidious.git
synced 2025-11-02 13:18:31 -06:00
9219038469
So attacks such as XSS (see [0]) will no longer be of an issue. [0]: https://github.com/omarroth/invidious/issues/1022
4 lines
262 B
JavaScript
4 lines
262 B
JavaScript
// Disable Web Workers. Fixes Video.js CSP violation (created by `new Worker(objURL)`):
|
|
// Refused to create a worker from 'blob:http://host/id' because it violates the following Content Security Policy directive: "worker-src 'self'".
|
|
window.Worker = undefined;
|