Review doubts - Reviewers can you respond?

(sensible77) #1

Good day,

Could You kindly clarify my doubts?
By browsing the list of the last entries regarding “Blocklist Policy Requests” I have some doubts whether your action (reviewing) is incorrect or if the documentation is incorrect.
In a large number of cases, the reason for blocking addon is given: “Blocklist reasons: Remote script injection”. For example bug: 1534781

there is an entry in the code:


and in the manifest file:

“content_security_policy”: “script-src ‘self’ ‘unsafe-eval’; object-src ‘self’;”

according to the documentation, this is not prohibited:
"Allow the extension to use eval () and similar features, by including ‘unsafe-eval’ in the script-src directive. "

Is the reason for the block: “Remote script injection” is an misuse on your part or does the documentation describe parameters inconsistent with the amo policy?

Best Regards

(Philipp Kewisch) #2

Hi s77.

The docs at generally describe the content security policy and what you can do with it.

This is unrelated to the policies for add-ons submitted to You can find our add-on policies at There it says, among other things, “Add-ons must be self-contained and not load remote code for execution”.