Aren't those just overengineered sanitizers?

Question is, can you sidestep or disable them in user scripts or in developer tools, without disabling CSP entirely or doing something even more invasive (and generally precluding use of that browser instance for browsing)?

▲

evilpie 5 hours ago | parent [-]

We made sure to exclude WebExtensions code from web pages's Trusted Types restrictions enforcement. (Bugs can happen of course)

	▲	duskdozer 3 hours ago \| parent [-]
		Sorry, so you mean something like Violentmonkey scripts would be unaffected?