| CARVIEW |
Select Language
HTTP/2 200
date: Mon, 13 Oct 2025 09:40:49 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com github.githubassets.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com wss://alive-staging.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com marketplace-screenshots.githubusercontent.com/ copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
link: ; rel=preload; as=fetch; crossorigin=use-credentials
referrer-policy: no-referrer-when-downgrade
server-timing: issue_layout-fragment;desc="issue_layout fragment";dur=301.158913,issue_conversation_content-fragment;desc="issue_conversation_content fragment";dur=603.468658,nginx;desc="NGINX";dur=1.274799,glb;desc="GLB";dur=139.385783
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With, Accept,Accept-Encoding, Accept, X-Requested-With
x-content-type-options: nosniff
x-frame-options: deny
x-voltron-version: aab62e3
x-xss-protection: 0
server: github.com
content-encoding: gzip
accept-ranges: bytes
set-cookie: _gh_sess=m2vOyMkcr%2FyzEIxQ%2BCUsDuf3Rnp24rJcogPfBpuq0o8RZdgSonnukim7acy0B01BKXHUxIfBCG2ie7OdQRKdYOkc%2FpkUa9iR94XntwLtDcpxYUHw2EcaVm%2BasGhx0o9TFtFlfSiqd8KCQAR4zbM9%2Fp9hnRSYz8%2BGhWKoW53XBJzGDreSTrtPnWfZXaSrvCpl%2FVJKWiucDiMrGLa%2BhlxWO2MndIyKlcGRlB8Zm%2Bnh1O865U2CFywkdqPa%2Bs1TnbCkADVa%2Bs79q%2BHaNMF71d8Uaw%3D%3D--QJx13zijc1zvd01L--zNUNIyGQR1IREeMfWanhtQ%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.296625294.1760348448; Path=/; Domain=github.com; Expires=Tue, 13 Oct 2026 09:40:48 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Tue, 13 Oct 2026 09:40:48 GMT; HttpOnly; Secure; SameSite=Lax
x-github-request-id: EAA2:14CD9D:1A39120:21C6FFB:68ECC920
When using (auto create) domain level scope, how do I create a rule that auto aplies to each scope when it is created? · Issue #349 · gorhill/httpswitchboard · GitHub
No one assignedNo projectsNo milestoneNone yetNo branches or pull requests
Skip to content
Navigation Menu
{{ message }}
This repository was archived by the owner on Nov 15, 2017. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 82
This repository was archived by the owner on Nov 15, 2017. It is now read-only.
When using (auto create) domain level scope, how do I create a rule that auto aplies to each scope when it is created? #349
Copy link
Copy link
Closed
Labels
Description
In my specific case, I use an extension (Pocket) for chrome that creates a frame. White-listing the site (getpocket.com) doesn't work, because frames are blacklisted by default.
I tried to add the frame to the global whitelist, and, if I change the scope to global from domain, it works, but then I lose the domain specific rules.
I expected that domain scopes will automatically use whatever rules they find in the global scope, but that is not the case.
One solution would be to remove frame from the blacklist, but that is not something I'm keen on.
Is there a way to specify an exception to the blacklist, i.e. blacklist every frame except the ones coming from this domain?
DOMAIN SCOPE
GLOBAL SCOPE
Metadata
Metadata
Assignees
Labels
Projects
Milestone
Relationships
Development
Issue actions
You can’t perform that action at this time.