Home Explore Help
Sign In
liushengqiang
/
excalidraw
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

CSP: fix codesandbox (#1401)

* add csb to csp whitelist

* add csb.app

* allow child-src csp

* add cdnjs.cloudflare

* allow unsafe-eval
David Luzar 5 years ago
parent
93087192c8
commit
d79c859cd9
1 changed files with 1 additions and 1 deletions
Split View Show Diff Stats
  1. 1 1
      public/index.html

+ 1 - 1
public/index.html
View File 

@@ -64,7 +64,7 @@
 
     <meta name="twitter:image" content="https://excalidraw.com/og-image.png" />
 
     <meta
 
       http-equiv="Content-Security-Policy"
 
-      content="block-all-mixed-content; child-src 'none'; connect-src 'self' https: wss: http: ws:; default-src 'self'; font-src 'self' data: https: filesystem:; img-src 'self' data: https:; script-src 'self' 'unsafe-inline' https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https:;"
 
+      content="block-all-mixed-content; child-src 'self' https://codesandbox.io https://*.csb.app; connect-src 'self' https: wss: http: ws:; default-src 'self'; font-src 'self' data: https: filesystem:; img-src 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com https://codesandbox.io https://*.csb.app https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https:;"
 
     />
 
     <link rel="shortcut icon" href="favicon.ico" type="image/x-icon" />
 
     <link rel="stylesheet" href="fonts.css" />