Open 0m3r opened 2 days ago
Hi @0m3r. Thank you for your report. To speed up processing of this issue, make sure that the issue is reproducible on the vanilla Magento instance following Steps to reproduce.
@magento I am working on this
Join Magento Community Engineering Slack and ask your questions in #github channel. :warning: According to the Magento Contribution requirements, all issues must go through the Community Contributions Triage process. Community Contributions Triage is a public meeting. :clock10: You can find the schedule on the Magento Community Calendar page. :telephone_receiver: The triage of issues happens in the queue order. If you want to speed up the delivery of your contribution, join the Community Contributions Triage session to discuss the appropriate ticket.
I am encountering an issue with the loading order of JavaScript files (
require.js
,mixins.js
,requirejs-config.js
) after enabling Content Security Policy (CSP) in Magento 2. This appears to be breaking JavaScript bundling, causing improper execution order and related issues.Reproduction Steps:
require.js
,mixins.js
,requirejs-config.js
.Screenshots:
Before enabling CSP: Correct file order (Screenshot below)
After enabling CSP: Incorrect file loading order
Cause:
It seems that the issue is related to CSP configurations interfering with the loading order and possibly the integrity attribute (hash) of JavaScript assets, specifically in how property groups are handled within
GroupedCollection
.In this file, the integrity attributes (hash) should be ignored when grouping properties.
Proposed Workaround: (doesn't work properly broke integrity :( )
I suggest modifying the grouping logic to disregard the
integrity
attribute when comparing asset properties.Example workaround code:
Expected Outcome: