Reading Content Security Policy header with Manifest 3 - chrome extension

Question

We are working on an Open Source Chrome extension: Digital Assistant Client

We are trying to read and modify the "content security policy" header with chrome extension in manifest 3. We are using the declarativeNetRequest api for modification with append operation to allow our domains for fetching and posting data. In manifest v2 it is easy to read the header values by using

chrome.webRequest.onHeadersReceived.addListener( onHeadersReceived, onHeaderFilter, ['blocking', 'responseHeaders'] );

How can we acheive this in manifest 3 for reading the headers?

I have tried by defining the rules.json as given below

[ { "id": 1, "action": { "type": "modifyHeaders", "responseHeaders": [ { "header": "content-security-policy", "operation": "append", "value": "connect-src udan.nistapp.ai udantest.nistapp.ai" } ] }, "condition": { "resourceTypes": [ "csp_report", "font", "image", "main_frame", "media", "object", "other", "ping", "script", "stylesheet", "sub_frame", "webbundle", "websocket", "webtransport", "xmlhttprequest" ] } } ]

and in manifest as given below

.... permissions": [ .... "declarativeNetRequest", "declarativeNetRequestWithHostAccess", "declarativeNetRequestFeedback", ], "declarative_net_request": { "rule_resources": [{ "id": "csp_rules", "enabled": true, "path": "rules.json" }] }, ....

Problem:

When i try to append the value to the original, connect-src is getting overridden. So i want to read the header values such that i can modify the existing values. Is there a way for acheiving this?

Reading Content Security Policy header with Manifest 3 - chrome extension

Answers (1)

Related Questions