My V2 extension could load on an XML URL, for example:
https://www.timesunion.com/news/feed/Local-News-193.phpAnd the extension provided a link to XSL transform the XML into HTML.
The code did something like:
var pi = document.createProcessingInstruction('xml-stylesheet', 'href="' + xslUrl + '" type="text/xsl"');
document.insertBefore(pi, document.firstChild);
This does not work any more. With the xslUrl pointing to a XSL stylesheet on the same domain as the XML it will transform (which should be considered a safe URL), the error is:
Refused to load the script '
https://www.timesunion.com/xsl/hdn/xml-mrss.xsl' because it violates the following Content Security Policy directive: "script-src 'self' 'wasm-unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
This is what worked in V2
I tried to set the XSL stylesheet URL to chrome extension URL,
but then I get another error that the URL does not match the XML URL.
Any solution to that?