mirror of
https://github.com/iv-org/invidious.git
synced 2024-12-25 07:19:24 -05:00
70cbe91776
So attacks such as XSS (see [0]) will no longer be of an issue. [0]: https://github.com/omarroth/invidious/issues/1022
4 lines
262 B
JavaScript
4 lines
262 B
JavaScript
// Disable Web Workers. Fixes Video.js CSP violation (created by `new Worker(objURL)`):
|
|
// Refused to create a worker from 'blob:http://host/id' because it violates the following Content Security Policy directive: "worker-src 'self'".
|
|
window.Worker = undefined;
|