is rewriting CSP headers to whitelist vodafone.pt and jquery.com in the script-src directive. Basically, it means that this is a terrible company, using MITM technics. Don't let them do that.
cc
Conversation
Hello Jojo. Vodafone’s content control platform does not monitor or log your internet traffic, but as part of Vodafone’s commitment to ensuring your safety on the internet, we can monitor websites and domains that contain offensive content.
10
3
Changing the CSP on the fly to include your domain plus another that you have no control over is anything but safe. Don't lie, just stop.
1
5
113
Show replies
está modificando arquivos javascript para injetar js payload e ativar o ataque MITM malicioso?
Isn’t this a very common strategy also conducted by many many many landline ISPs in the US? I’ve seen it on xfinity and Vodafone Spain for example — got me onto a VPN quick.
2





