Sandbox not working in CSP

When the sandbox directive is included in the contentsecuritypolicy, even when it includes allow-scripts, it breaks all functionality from the extensions. It seems allow-scripts is simply ignored.
Up vote post of carlosj Down vote post of carlosj
1.3k views
Posted by
carlosj
Reply
Add a Comment

Replies

See feedback assistant ticket: https://feedbackassistant.apple.com/feedback/9612454

Posted by
carlosj
Up vote reply of carlosj Down vote reply of carlosj
Add a Comment

Is it possible to add a sample extension that reproduces this to the feedback? I'm not exactly sure what the error you are seeing is.

Thanks!

Posted by
bweinstein
Up vote reply of bweinstein Down vote reply of bweinstein
Add a Comment

A sample extension can be found here: https://static.jeurissen.co/9612454-apple-sandbox-issue.zip

In Chrome and Firefox, "loading..." changes to "loaded". Not in safari due to this issue. The script simply doesn't load.

Posted by
carlosj
Up vote reply of carlosj Down vote reply of carlosj
Add a Comment

The manifest of said sample extension:

manifest.json
Posted by
carlosj
Up vote reply of carlosj Down vote reply of carlosj
Add a Comment