-
-
Notifications
You must be signed in to change notification settings - Fork 386
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"Your organization blocked this file because it didn't meet a security policy" in Chrome #3004
Comments
Hello and thanks for opening an issue! Is this in Chrome? To clarify, which domain is the PDF hosted on, and what is the domain of the site you are on when this happens? |
This might be another Google's Manifest V3 bug where Declarative Net Request's definition of "thirdParty" is different from what extensions expect. Google's DNR defines the "thirdParty" filter with respect to the containing frame, while extensions like Privacy Badger expect the check to be made against the top-level document. This matters when a resource is loaded in a nested frame. But I can't say for sure because I haven't yet been able to reproduce this issue. |
I get the same error trying to download images from Google Voice conversations. Disabling PB on Google Voice allows me to save images. PB 2024.07.17, Chrome 127 & 128 from Google DEB repo, Ubuntu 22.04LTS x86_64 |
We haven't gotten any "Your organization blocked this file because it didn't meet a security policy" reports in a while. We started getting reports after the Privacy Badger MV3 release to Chrome. The most recent report was from September 9th. Maybe this was (a DNR bug?) fixed in Chrome 129? |
@ghostwords I can still reproduce this with Google Voice, PB 2024.7.17, Chrome 131.0.6778.85, Ubuntu 22.04LTS x86_64 - I just sent a broken site report, if that helps. |
@ckuethe Are you able to reproduce this issue in a new Chrome profile with Privacy Badger? |
No. For fun, I created a brand new user on my machine and ran chrome with only PB (default settings) installed. Google Voice attachments saved correctly. I suppose I need to see if I can repro with my main PB settings copied to my test profile, and possibly seeing which other extension might be interacting. |
That is very helpful, thank you! |
I get "Your organization blocked this file because it didn't meet a security policy" when trying to download legitimate PDF forms from client.schwab.com ... After adding client.schwab.com to the excluded domains on Privacy Badger, the problem stopped.
The text was updated successfully, but these errors were encountered: