So i used firebase auth to connect to small web app i made in tampermonkey
auth.signInWithEmailAndPassword(email, password)
The issue is when i use it on the target page the content get blocked because
Content-Security-Policy
but this can be fixed in Firefox by disabling Content-Security-Policy
What i tried
1 / Fetch the data with this script
fetch(auth.signInWithEmailAndPassword(email, password))
https://github.com/mitchellmebane/GM_fetch/blob/master/GM_fetch.js
2/ GM.xmlHttpRequest
GM.xmlHttpRequest({
method: "POST",
url: "...googleapis.com/v1/accounts:signInWithCustomToken?key="bla..bla",
headers: {
"Content-Type": "application/json"
},
data: {"email":email,"password":password,"returnSecureToken":true},
onload: function(response) {
auth.signInWithEmailAndPassword(email, password)
}
})
3 / Chrome extension