Description
When visiting http://demos.webintents.org/ using Firefox (in my case FF 9.0 on Mas OSX Lion) you see the following error in the firebug console:
CSP: Directive "inline script base restriction" violated
var _gaq = _gaq || []; _gaq.push(['... demos....nts.org (line 85)
CSP: Directive "inline script base restriction" violated
(function() { var po = document.createE... demos....nts.org (line 98)
This issue seems to come from the CSP header:
curl -i http://demos.webintents.org | head
[...]
X-Content-Security-Policy: allow 'self'; img-src *; script-src www.google-analytics.com apis.google.com;
[...]
where probably script-src need an additional 'self' or '' or something of the kind. It also stops you from executing javascript in the firebug console.
This seems to cause web intents to not work at all in firefox (or at least i couldn't get it to work and couldn't debug what was happening, due to this script restriction).