Thanks Boris, but what does that mean for me now? Repeating my intention "that I want to send an identifier for some inline script tag via a new CSP rule, check if an existing inline script tag owns this identifier and allow its execution only in this case" I still ask myself: can I use shouldProcess() for this?
Besides, you write that in some cases it might not get called for inline scripts. Could you please explain these cases? Regards, Jeremy _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security