• Jobs
  • About Us
  • professionals
    • Home
    • Jobs
    • Courses and challenges
  • business
    • Home
    • Post vacancy
    • Our process
    • Pricing
    • Assessments
    • Payroll
    • Blog
    • Sales
    • Salary Calculator

0

113
Views
How To Disable/Bypass Content-Security-Policy with Tampermonkey

So i used firebase auth to connect to small web app i made in tampermonkey

auth.signInWithEmailAndPassword(email, password)

The issue is when i use it on the target page the content get blocked because Content-Security-Policy but this can be fixed in Firefox by disabling Content-Security-Policy

What i tried

1 / Fetch the data with this script fetch(auth.signInWithEmailAndPassword(email, password)) https://github.com/mitchellmebane/GM_fetch/blob/master/GM_fetch.js

2/ GM.xmlHttpRequest

GM.xmlHttpRequest({
  method: "POST",
  url: "...googleapis.com/v1/accounts:signInWithCustomToken?key="bla..bla",
 headers: {
    "Content-Type": "application/json"
  },
   data: {"email":email,"password":password,"returnSecureToken":true},

 onload: function(response) {
   auth.signInWithEmailAndPassword(email, password)

  }
})

3 / Chrome extension

https://chrome.google.com/webstore/detail/disable-content-security/ieelmcmcagommplceebfedjlakkhpden?hl=en

almost 3 years ago · Juan Pablo Isaza
Answer question
Find remote jobs

Discover the new way to find a job!

Top jobs
Top job categories
Business
Post vacancy Pricing Our process Sales
Legal
Terms and conditions Privacy policy
© 2025 PeakU Inc. All Rights Reserved.

Andres GPT

Recommend me some offers
I have an error