Our online tool mattermap.com uses a bookmarklet to extract tweets from twitter. These are used to make online dossiers arount topics, mostly by journalists and knowledgeworkers. The bookmarklet worked fine on Twitter untill recently, but now seems to be a victim of Twitters Content Security Policy. Does anybody have an idea of how to get Twitter to accept Mattermap as a safe or accepted domain?
How to contact Twitter regarding content security policy.. (and get our domain on the 'accepted domains' list)
I doubt you’ll be able to get whitelisted for CSP, security whitelists are generally highly controlled (and for good reason). Instead you should look at the process you are using and make sure you conform to browser security best practices. Most browsers will allow JS to be run at the explicit request of the user but you have to stay within their requirements. Make sure you’re bookmarklets do that or maybe look at implementing browser extensions instead.