0

I see in Chrome's documentation that the content security policies for Chrome Apps can't be relaxed. However, I'm wondering: can the content security policy be updated to make it more restrictive? If so how is that done?

The manifest.json for Chome Apps does not include a field for content_security_policy like the manifest.json for extensions does.

johnnyodonnell
  • 1,838
  • 3
  • 16
  • 34
  • 1
    There's no way to use content_security_policy but maybe it'll process the `meta` tags in html e.g . `` – wOxxOm Sep 18 '20 at 04:20
  • Does this answer your question? [Content Security Policy in Chrome App](https://stackoverflow.com/questions/21130400/content-security-policy-in-chrome-app) - looks like you can/should use sandboxing. – wOxxOm Sep 18 '20 at 04:22
  • @wOxxOm that SO question looks more relevant to Chrome extensions and less relevant to Chrome apps. I like the idea of putting the CSP in a meta tag - I might try that out. Thanks for the suggestion! – johnnyodonnell Sep 18 '20 at 04:30
  • Eh? That topic describes all of the options. Except the meta tag, which I haven't tried. – wOxxOm Sep 18 '20 at 04:32

0 Answers0