New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refs #21312 - add webpack url with hostname csp #6367
Conversation
Issues: #21312 |
@@ -393,6 +397,12 @@ def webpack_server | |||
@dev_server ||= "#{request.protocol}#{request.host}:#{port}" | |||
end | |||
|
|||
def webpack_server_hostname | |||
port = Rails.configuration.webpack.dev_server.port | |||
hostname = `hostname`.squish |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can we assume this only happens in development mode?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, it is only happening in development mode.
78d887a
to
b563a99
Compare
There were the following issues with the commit message:
If you don't have a ticket number, please create an issue in Redmine. More guidelines are available in Coding Standards or on the Foreman wiki. This message was auto-generated by Foreman's prprocessor |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
doesn't work for me, I'm getting this (with foreman-start-dev
)
bootstrap 59b77653f6824f937a87:766 Refused to load the script 'http://0.0.0.0:3808/webpack/react-
intl/locale/en.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-
eval' 'unsafe-inline' 'self' localhost:3808".
foreman start
works as expected.
b563a99
to
c5a2833
Compare
There were the following issues with the commit message:
If you don't have a ticket number, please create an issue in Redmine. More guidelines are available in Coding Standards or on the Foreman wiki. This message was auto-generated by Foreman's prprocessor |
|
||
append_content_security_policy_directives(webpack_csp) | ||
end | ||
|
||
def webpack_server | ||
def webpack_server_url hostname = request.host |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Style/MethodDefParentheses: Use def with parentheses when there are parameters.
Closing in favor of #6368 |
It fixes issue came up with #5184 by adding a second webpack url with hostname to the csp.