{"json_modified": "2016-10-03T16:05:24.705619", "uuid": "fc8784a7-e3e6-4b50-ac65-42cc1052e7f0", "title": "content_security_policy", "url": "/en-US/docs/Mozilla/Add-ons/WebExtensions/manifest.json/content_security_policy", "tags": [], "translations": [], "modified": "2016-10-03T16:05:24", "label": "content_security_policy", "localization_tags": [], "locale": "en-US", "id": 185628, "last_edit": "2016-10-03T16:05:20", "summary": "WebExtensions have a content security policy applied to them by default. The default policy restricts the sources from which they can load<strong><a href=\"https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script\"> </a></strong><a href=\"https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script\">&lt;script&gt;</a> and <a href=\"https://developer.mozilla.org/en-US/docs/Web/HTML/Element/object\">&lt;object&gt;</a> resources, and disallows potentially unsafe practices such as the use of <code><a href=\"/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval\">eval()</a></code>. See <a href=\"/en-US/Add-ons/WebExtensions/Content_Security_Policy#Default_content_security_policy\">Default content security policy</a> to learn more about the implications of this.", "sections": [{"id": "Quick_Links", "title": null}, {"id": "Chrome_incompatibilities", "title": "Chrome incompatibilities"}, {"id": "content_security_policy", "title": null}, {"id": "Example", "title": "Example"}, {"id": "Valid_examples", "title": "Valid examples"}, {"id": "Invalid_examples", "title": "Invalid examples"}], "slug": "Mozilla/Add-ons/WebExtensions/manifest.json/content_security_policy", "review_tags": []}