public/ESH-Media
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity
Files
e80704c534e30fe7b843c54f12da31e0c6bd54b6
ESH-Media/package.json
eshmeshek e80704c534 fix(1.0.7): disable Trusted Types engine-wide via Blink feature flag 
The 1.0.6 fix (strip require-trusted-types-for from CSP via
onHeadersReceived) didn't take effect: cliqz/adblocker calls
session.webRequest.onHeadersReceived during enableBlockingInSession,
overwriting our hook (Electron permits only one listener per session).

Replace with engine-level kill switch:
  app.commandLine.appendSwitch('disable-blink-features', 'TrustedDOMTypes')

Makes the entire Trusted Types runtime feature inert, so
require-trusted-types-for CSP becomes a no-op site-wide. Safe in this
kiosk/single-user context; only relaxes one security boundary that
sites use to harden against XSS via adblocker-style script injection —
which is exactly what we need to neutralize for cliqz's anti-anti-adblock
scriptlets on YouTube.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-16 22:14:19 +03:00

76 lines
1.8 KiB
JSON
Raw Blame History

{
"name": "ESH-Media",
"version": "1.0.7",
"private": true,
"main": "main.js",
"scripts": {
"dev:renderer": "vite",
"dev:electron": "node scripts/start-electron.js",
"dev": "concurrently \"npm:dev:renderer\" \"npm:dev:electron\"",
"build:renderer": "vite build",
"build:win": "npm run build:renderer && electron-builder --win",
"build:linux": "npm run build:renderer && electron-builder --linux",
"build": "npm run build:renderer && electron-builder --win --linux",
"dist": "electron-builder"
},
"dependencies": {
"@cliqz/adblocker-electron": "^1.34.0",
"cheerio": "^1.2.0",
"electron-updater": "^6.8.3",
"node-fetch": "^2.7.0",
"react": "^18.3.1",
"react-dom": "^18.3.1"
},
"devDependencies": {
"@types/react": "^18.3.3",
"@types/react-dom": "^18.3.0",
"@vitejs/plugin-react": "^4.3.1",
"concurrently": "^8.2.2",
"electron": "^32.0.0",
"electron-builder": "^24.13.3",
"typescript": "^5.5.4",
"vite": "^5.4.2",
"wait-on": "^8.0.0"
},
"build": {
"appId": "com.ESH-Media",
"productName": "ESH-Media",
"asar": true,
"directories": {
"output": "release"
},
"files": [
"dist/**/*",
"main.js",
"preload.js",
"package.json",
"extensions/**/*"
],
"win": {
"target": [
"nsis",
"zip"
],
"icon": "public/favicon.ico"
},
"nsis": {
"oneClick": false,
"allowToChangeInstallationDirectory": true
},
"linux": {
"target": [
"AppImage",
"deb"
],
"icon": "public/logo.png",
"category": "Utility"
},
"publish": [
{
"provider": "generic",
"url": "https://gitea.esh-service.ru/public/ESH-Media/releases/download/latest/"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink