[Feature Request] Trust/Allow script(s) to run on a single site/domain only, instead of globally #345
Comments
|
How does this differ (if it does) from Contextual Policies? |
|
It doesn't, that's exactly what I was asking for, I just hadn't noticed it 👍 |
I noticed there's a problem with contextual policies - it can only be set for a single domain, so if a common script such as ajax.googleapis.com is custom set to be 'allowed' on a single domain and then I 'temporarily allow' it on another domain - the contextual policy is reset and it's no longer automatically allowed on the original set domain. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Reason: Certain scripts can be used to serve either benign or malicious code, depending on the domain owners intentions.
I find myself stuck in the position where I don't want to trust certain scripts globally, because they could potentially be used to serve malicious code, but then always having to 'temporarily allow' said scripts on trusted websites that I frequent.
Being able to 'trust' a script to always run on a certain website only, instead of globally on all websites would be useful.
The text was updated successfully, but these errors were encountered: