mirror of
https://github.com/iv-org/invidious
synced 2024-12-11 04:13:30 +01:00
70cbe91776
So attacks such as XSS (see [0]) will no longer be of an issue. [0]: https://github.com/omarroth/invidious/issues/1022
4 lines
262 B
JavaScript
4 lines
262 B
JavaScript
// Disable Web Workers. Fixes Video.js CSP violation (created by `new Worker(objURL)`):
|
|
// Refused to create a worker from 'blob:http://host/id' because it violates the following Content Security Policy directive: "worker-src 'self'".
|
|
window.Worker = undefined;
|