{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreietxh6a6veq4l4iic6yk3whzwa3vlk3w2rqbekz7ymckyqljadfc4",
    "uri": "at://did:plc:hqad6xwuzg7oqfmwylfkvqfm/app.bsky.feed.post/3mlsrz77zw3u2"
  },
  "path": "/viewtopic.php?t=32045&p=273995#p273995",
  "publishedAt": "2026-05-14T10:43:12.000Z",
  "site": "http://forum.palemoon.org",
  "tags": [
    "trusted-types",
    "require-trusted-types-for",
    "Trusted Types API"
  ],
  "textContent": "> If our (IMO spec compliant) implementation\n\nWell, our implementation of csp is still not quite in line with other current browsers - we do not have support unsafe-hashes, report-sample, report-to, trusted-types, require-trusted-types-for. Of course, it's the fancy modern additions (half of them are ff148... though chrome83) which leads to\n\n> but I've thus far not been given _any_ specific details about what in our CSP is causing these hangs\n\nIf look in devtools, the CF turnstile requires support for trusted-types and require-trusted-types-for. Of course, normally it would sound pretty silly that a missing csp policy would cause noticeable freezes, but given that it requires the new Trusted Types API to work, it might be possible...\nThe API has two main parts:\n- A JavaScript API enables a developer to sanitize data before passing it to an injection sink.\n- Two CSP directives enforce and control the usage of the JavaScript API.\n\n* * *",
  "title": "Browser Support • Re: Cloudflare Verification Loop issues",
  "updatedAt": "2026-05-14T10:43:12.000Z"
}