{{SCRIPT}}
* | regexHere -> replacement
file\.js $ plain text -> replacement
index\.html $ {{SCRIPT}} -> alert(1)
# Override the default headers for network requests.
* -> Cross-Origin-Embedder-Policy: require-corp
index\.(html|js) --> Cross-Origin-Opener-Policy: same-origin
*.html -> Content-Security-Policy: default-src 'self'; worker-src 'self' blob:;