In my chrome extension V3 I use chrome.declarativeNetRequest.updateSessionRules
to modify response headers:
chrome.declarativeNetRequest.updateSessionRules({
addRules: [
{
id: 999,
priority: 1,
condition: {
initiatorDomains: ['localhost'],
resourceTypes: ['main_frame']
},
action: {
type: 'modifyHeaders',
responseHeaders: [
{ header: 'Content-Security-Policy', operation: 'remove' },
{ header: "bar-foo-baz", operation: "set", value: "true" },
],
}
}]
});
The test I do is pretty simple. I violate the Content-Security-Policy
rule so I get an error in the console. But when I apply the remove
operation all works fine and the error is gone.
But the weird thing is if I look in the DevTools Network tab, I still see the Content-Security-Policy header and I don't see bar-foo-baz
.
Does someone know why this is happening?