PD
🧩 Plasmo Developers•13mo ago
Pallas

At your service, @Pallas!

At your service, @Pallas! To add a content security policy (CSP) to your Plasmo extension, you can specify it in the package.json file. The content_security_policy field is where you can define the policy. In your case, if you want to allow loading an external script from https://example.com, you can use the following code example in your package.json: 
{
  "name": "your-extension-name",
  "version": "1.0.0",
  "description": "Your extension description",
  "content_security_policy": "script-src 'self' https://example.com; object-src 'self'",
  "manifest_version": 2,
  "permissions": [
    "https://example.com/*"
  ],
  "background": {
    "scripts": [
      "background.js"
    ],
    "persistent": false
  },
  "browser_action": {
    "default_popup": "popup.html"
  },
  "icons": {
    "16": "icon16.png",
    "48": "icon48.png",
    "128": "icon128.png"
  }
}
{
  "name": "your-extension-name",
  "version": "1.0.0",
  "description": "Your extension description",
  "content_security_policy": "script-src 'self' https://example.com; object-src 'self'",
  "manifest_version": 2,
  "permissions": [
    "https://example.com/*"
  ],
  "background": {
    "scripts": [
      "background.js"
    ],
    "persistent": false
  },
  "browser_action": {
    "default_popup": "popup.html"
  },
  "icons": {
    "16": "icon16.png",
    "48": "icon48.png",
    "128": "icon128.png"
  }
}
In the above example, the content_security_policy field is set to allow scripts from the extension itself ('self') and from https://example.com. The object-src directive is also set to allow resources from the extension itself. Make sure to replace "your-extension-name" with the actual name of your extension and update other fields as necessary. Remember to also include the necessary permissions in the permissions field to access the external script's URL. I hope this helps! If you have any more questions or need further assistance, feel free to ask. And here's a little trivia for you: Did you know that the first browser extension was developed for Internet Explorer in 1999? Extensions have come a long way since then!
1 Reply
Conquerer
Conquerer•13mo ago
@Pallas I added that but it does not seems to work. It throws "Invalid Web Extension manifest"
Want results from more Discord servers?
Add your server