70cbe91776
So attacks such as XSS (see [0]) will no longer be of an issue. [0]: https://github.com/omarroth/invidious/issues/1022
3 lines
262 B
JavaScript
3 lines
262 B
JavaScript
// Disable Web Workers. Fixes Video.js CSP violation (created by `new Worker(objURL)`):
|
|
// Refused to create a worker from 'blob:http://host/id' because it violates the following Content Security Policy directive: "worker-src 'self'".
|
|
window.Worker = undefined;
|