<isd>
So apparently ublock origin blocks CSP reports. Can't say I'm surprised, and it's what I deserve for coming up with this horrific hack. But I think it's still worth doing. When the grain settings page I was working on lands we can also put the setting there as a backup.
<JacobWeisz[m]>
I just use Privacy Badger and Firefox's own Tracking Prevention. And the former is mostly redundant now.
<isd>
(You can also change this in ublock origin's settings)
<isd>
I have all three of those + noscript... maybe a little overkill, but at least I'll know if I write code that's broken by some privacy extension?
<isd>
But! I have the basic thing working: CSP report triggers a popup with a button that changes the policy to allow images & media. Needs some polish, probably want to tweak it to persist the setting across sessions, but... it works
<JacobWeisz[m]>
That's awesome.
<JacobWeisz[m]>
I am getting to the point I feel Firefox is doing an adequate enough job at protecting me. I still have Privacy Badger but it's mostly now just a second thing I have to shut off when a website breaks.
<JacobWeisz[m]>
I consider browser extensions to be fundamentally dangerous, so I'll be happy to have none someday. Except maybe Facebook Container, which is first party at least.
<isd>
Noscript for me is as much about perf as privacy, honestly. So much of the web is much more pleasant without js.
<JacobWeisz[m]>
Yeah, though it breaks enough I'm scared to go there. I found just the tracking removal fixes a lot of perf issues!
<JacobWeisz[m]>
If a website still performs poorly with tracking prevention, I'm just gonna avoid that website.
<isd>
I've found it's worth it. Every now and then I give up and click "temporarily allow this page", but most of the time it works fine, and when it doesn't it's usually one or two things you need to enable, and you can leave the trackers out...