Submitted via IRC for TheMightyBuzzard
The popular content blocking extension uBlock Origin blocks CSP reporting on websites that make use of it if it injects neutered scripts.
CSP, Content Security Policy, can be used by web developers to whitelist code that is allowed to run on web properties. The idea behind the feature is to prevent attackers from injecting JavaScript on websites protected by CSP.
CSP reports any attempt of interfering with the site's policies in regards to scripts to the webmaster. This happens when users connect to the site, and is used by webmasters to analyze and resolve the detected issues.
[...] Raymond Hill, the developer of uBlock Origin, replied stating that this was not a bug but by design. The extension blocks the sending of CSP reports if it injects a neutered Google Analytics script.
Source: https://www.ghacks.net/2017/10/19/ublock-criticized-for-blocking-csp/
(Score: 2) by urza9814 on Tuesday October 24 2017, @03:05PM (2 children)
If your bank sucks, pick a better one. I don't see the problem here...
You could always ask them. If they get enough requests for that info, they'll probably start marketing it. But I've never seen a bank that requires third-party scripts anyway, it seems like pretty poor security practices. So judge their competency the same way you would with anything else.
(Score: 2) by Pino P on Wednesday October 25 2017, @09:06PM (1 child)
The problem is that all banks suck. They just suck in different ways.
(Score: 2) by urza9814 on Thursday October 26 2017, @12:28PM
So use a credit union. I've got all my money with PSECU and they're fuckin awesome. I don't think I've ever paid them a dime...no overdraft fees, no ATM fees (even ATM fees charged by other banks get refunded), no checking or debit fees, no credit card fees, no fees for the bill payer. No real minimum balance (It's $5)...and at the end of every year they pay me just for having an account.