Closed tmscarla closed 1 year ago
LGTM. Aside from following the recommendation of Cloudscape, I couldn't validate this would otherwise break
CodeEditor
.Can you just double check there are no negatives of adopting the
useStrictCSP
config? (e.g. performance)
Currently I don't see any drawbacks in setting useStrictCSP
to true. I have manually tested both configurations and the editor looks fine. We can follow up with our affinity engineer to dive deep into the question.
Description
The CloudScape
Code editor
component relies on the Ace library, which receives it as a property. In order to make it CSP-compliant, as specified in the developer guidelines, we need to set the following configuration parameter totrue
:This will result in avoiding to include some
<style>
tags into the<head>
tag, as pointed out in https://github.com/ajaxorg/ace/issues/3260. The two attached images shows the difference of having the property unset / set totrue
.How Has This Been Tested?
References
PR Quality Checklist
i18n
solution instead (see here)npm run build
builds without any errorIn order to increase the likelihood of your contribution being accepted, please make sure you have read both the Contributing Guidelines and the Project Guidelines
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.