search

asciidoctor / asciidoctorj

:coffee: Java bindings for Asciidoctor. Asciidoctor on the JVM!
http://asciidoctor.org
Apache License 2.0
618 stars 172 forks source link

Content Security Policy violations #510

Open dominik42 opened 7 years ago

dominik42 commented 7 years ago

Hi,

HTML documents created with RESTDocs violates against some default Content Security Policy settings:

Content Security Policy: The page's settings blocked the loading of a resource at self

The content of two stylesheets (GoogleFonts, FontAwesome) are included as internal style. The default settings of some browsers (Firefox, Chrome) prohibit such structures. The page is shown without any colored tables, custom fonts etc. and the console contains the following errors:

Firefox: Content Security Policy: The page's settings blocked the loading of a resource at self Chrome: Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self'"

As mentioned in https://github.com/spring-projects/spring-restdocs/issues/300#issuecomment-245901785 this seems to be an Asciidoctor issue.

robertpanzer commented 7 years ago

Hi Dominik,

long time no see! 🍻

I think this issue rather belongs to the https://github.com/asciidoctor/asciidoctor repo as asciidoctorj itself is only a Java API that wraps the core functionality provider by asciidoctor.

Would you mind opening the same issue there?

Cheers Robert

dominik42 commented 7 years ago

Hi Robert, already knew quite a while from asciidoctor & you ;-)

Would you mind opening the same issue there? yep, I will ... all good things comes in threes

dominik42 commented 7 years ago

https://github.com/asciidoctor/asciidoctor/issues/1867