requestly icon indicating copy to clipboard operation
requestly copied to clipboard
verified publisher icon requestly

bug: HTML custom elements fails to inject in sites with strict CSP

Open zidad opened this issue 1 year ago • 3 comments

I'm getting a lot of errors in the console on sites with CSP enabled, seems like requestly is trying to do a lot more than just the rules I specified (modifying headers).

Screenshot 2024-06-18 at 12 33 38

zidad avatar Jun 18 '24 10:06 zidad

Hey @zidad . To make it easy to monitor whether the rules are applied or not on a page, we inject a custom HTML element. These errors are mostly due to that only but they are completely harmless. You can learn more about the feature here

You can disable this feature by going to https://app.requestly.io/settings/global-settings . That should get rid of these issues.

wrongsahil avatar Jun 21 '24 06:06 wrongsahil

Great, that worked, thanks! They are harmless but when you're building/debugging sites I don't want to see any errors in my console... Maybe it's possible for requestly to check for CSP policies before trying to inject the elements?

zidad avatar Jun 21 '24 08:06 zidad

Makes sense. These unwanted errors can cause developers to look in the wrong direction.

We already handle CSP issues in our Response Rule. This can also be handled similarly. Adding this to our triage for now

wrongsahil avatar Jun 21 '24 08:06 wrongsahil