Facebook patched extensions

Discussion in 'FaceBook' started by ballot, Sep 22, 2012.

  1. ballot

    ballot Junior Member

    Joined:
    Dec 17, 2007
    Messages:
    102
    Likes Received:
    10
    No anymore you can include remote js files
    they added this header

    just install timelineremove or social plus extension and open console

    X-WebKit-CSP: default-src *;script-src https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';connect-src https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.spotilocal.com:*;report-uri http://www.facebook.com/csp.php

    Refused to load the script 'http://**.js?**=518110.13830166194' because it violates the following Content Security Policy directive: "script-src https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl 'unsafe-inline' 'unsafe-eval'".