diff --git a/4.1-Extensions.md b/4.1-Extensions.md
index 38cf1bc..4db8b66 100644
--- a/4.1-Extensions.md
+++ b/4.1-Extensions.md
@@ -4,21 +4,21 @@ Also, see [this sticky issue](https://github.com/ghacksuserjs/ghacks-user.js/iss
If you would like to submit a privacy or security related extension to be added to this list, please post the details [here](https://github.com/ghacksuserjs/ghacks-user.js/issues/655) for consideration, thanks.
-:exclamation: **CSP**: When multiple extensions use CSP header injection, **only one wins** and predicting the winner is like [rolling a dice](https://github.com/ghacksuserjs/ghacks-user.js/issues/265#issuecomment-393935989). Also see [#497](https://github.com/ghacksuserjs/ghacks-user.js/issues/497) and [1421725](https://bugzilla.mozilla.org/show_bug.cgi?id=1421725) (one of many bugzillas). **Some** CSP items to be aware of are highlighted below.
+:exclamation: **CSP**: When multiple extensions use CSP injection to modify headers, **only one wins** and predicting the winner is like [rolling a dice](https://github.com/ghacksuserjs/ghacks-user.js/issues/265#issuecomment-393935989). Also see [#497](https://github.com/ghacksuserjs/ghacks-user.js/issues/497) and [1421725](https://bugzilla.mozilla.org/show_bug.cgi?id=1421725) (one of many bugzillas). **Some** CSP items to be aware of are highlighted below.
### :small_orange_diamond: Extensions
These are all, where applicable, best configured to `deny-all` and whitelist.
* [uBlock Origin](https://addons.mozilla.org/firefox/addon/ublock-origin/) ✔ [Privacy](https://github.com/gorhill/uBlock/wiki/Privacy-policy) | [GitHub](https://github.com/gorhill/uBlock)
- * :exclamation: **CSP**: Uncheck the option in `Dashboard > Settings > Block remote fonts`. Font **rules** use CSP [unsure about font filters]. Use Request Control instead.
+ * :exclamation: **CSP**: Uncheck `Dashboard > Settings > Block remote fonts`. Font **rules** use CSP [unsure about font filters]. Use Request Control instead.
* [uMatrix](https://addons.mozilla.org/firefox/addon/umatrix/) ✔ [Privacy](https://github.com/gorhill/uMatrix/wiki/Privacy-policy) | [GitHub](https://github.com/gorhill/uMatrix)
* [Decentraleyes](https://addons.mozilla.org/firefox/addon/decentraleyes/) ✔ [Privacy](https://addons.mozilla.org/firefox/addon/decentraleyes/privacy/) | [GitLab](https://git.synz.io/Synzvato/decentraleyes) | [GitHub Archive](https://github.com/Synzvato/decentraleyes)
* :exclamation: uBlock Origin users should add the [following rules](https://git.synz.io/Synzvato/decentraleyes/wikis/Frequently-Asked-Questions) if required
* [CSS Exfil Protection](https://addons.mozilla.org/firefox/addon/css-exfil-protection/) | [GitHub](https://github.com/mlgualtieri/CSS-Exfil-Protection) | [Homepage + Test](https://www.mike-gualtieri.com/css-exfil-vulnerability-tester)
* [HTTPS Everywhere](https://addons.mozilla.org/firefox/addon/https-everywhere/) ✔ [Privacy](https://www.eff.org/code/privacy/policy) | [GitHub](https://github.com/EFForg/https-everywhere)
- * :exclamation: **CSP**: blocking all insecure requests (`httpNowhereOn`) uses CSP
+ * :exclamation: **CSP**: Uncheck `Toolbar Icon > Encrypt All Sites Eligible (EASE)`
* [CanvasBlocker](https://addons.mozilla.org/firefox/addon/canvasblocker/) ✔ [Privacy](https://addons.mozilla.org/firefox/addon/canvasblocker/privacy/) | [GitHub](https://github.com/kkapsner/CanvasBlocker)
- * :exclamation: **CSP**: Uncheck the option `Misc > Block data URL pages`
+ * :exclamation: **CSP**: Uncheck `Misc > Block data URL pages`
* [Smart Referer](https://addons.mozilla.org/firefox/addon/smart-referer/) ✔ [Privacy](https://addons.mozilla.org/firefox/addon/smart-referer/privacy/) | [GitLab](https://gitlab.com/smart-referer/smart-referer) | [GitHub Archive](https://github.com/meh/smart-referer)
* [Header Editor](https://addons.mozilla.org/firefox/addon/header-editor/) | [GitHub](https://github.com/FirefoxBar/HeaderEditor)
* Allows you to run [Rules](https://github.com/ghacksuserjs/ghacks-user.js/wiki/4.2.4-Header-Editor) to modify headers such as blocking ETags