Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Unified Diff: pages/filters.html

Issue 29754559: Issue 54 - Add documentation for the $csp filter option (Closed)
Patch Set: Incorporate Sebastian's suggestions Created April 17, 2018, 3:10 p.m.
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: pages/filters.html
diff --git a/pages/filters.html b/pages/filters.html
index 18ccf2eeaa147243a58b7e0d77a4dd9b502f9e53..9786e12071aeb82d6f29af9510016b38540df3d6 100644
--- a/pages/filters.html
+++ b/pages/filters.html
@@ -170,6 +170,9 @@ title=Writing Adblock Plus filters
<li>
{{s72 Sitekey restrictions: The option <code><fix>sitekey=abcdsitekeydcba</fix></code> means that the filter should only be applied on pages that provide a public key and a signature which can be verified by that very same public key that is also contained in the filter (but without the trailing =). Multiple sitekeys can be specified using "|" as separator: with the option <code><fix>sitekey=abcdsitekeydcba|bcdesitekeyedcb</fix></code> the filter will only be applied on pages providing either sitekey "abcdsitekeydcba" or "bcdesitekeyedcb". This is similar to domain restrictions but allows covering scenarios where a single filter should apply to a very large number of domains. Note that sitekey restrictions require <a href="#sitekey_server">modifications on the server-side</a>.}}
</li>
+ <li>
+ {{csp Content Security Policies: The option <code><fix>csp=script-src: 'none'</fix></code> causes a Content Security Policy header of <code><fix>script-src: 'none'</fix></code> to be injected into HTTP responses for requested documents matching the filter — assuming that exception rules with the same option don't also match and that the document isn’t whitelisted. The Content Security Policy <code><fix>script-src: 'none'</fix></code> would in turn block all scripts — including inline — for the document. This filter option should generally be avoided, except as a last resort to counter advanced circumvention. Adblock Plus 3.1 or higher required.}}
+ </li>
<li>{{s73 <code><fix>match-case</fix></code> — makes the filter only apply to addresses with matching letter case, e.g. the filter <code><fix>*/BannerAd.gif$match-case</fix></code> will block <code><fix>http://example.com/BannerAd.gif</fix></code> but not <code><fix>http://example.com/bannerad.gif</fix></code>.}}</li>
<li>{{s74 <code><fix>collapse</fix></code> — this option will override the global "Hide placeholders of blocked elements" option and make sure the filter always hides the element. Similarly the <code><fix>~collapse</fix></code> option will make sure the filter never hides the element.}}</li>
<li>
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld