mattbryson / TouchSwipe-Jquery-Plugin

TouchSwipe is a jQuery plugin to be used with jQuery on touch input devices such as iPad, iPhone, etc.
http://labs.rampinteractive.co.uk/touchSwipe/

Throws Security Policy Error when viewing src on GitHub's 'raw' view. #318

Closed hybridwebdev closed 7 years ago

hybridwebdev commented 7 years ago

Dear dev, care to explain why you're trying to cross load assets via this script?

Caught in console: jquery.touchSwipe.min.js:1 Refused to load the image 'https://raw.githubusercontent.com/favicon.ico' because it violates the following Content Security Policy directive: "default-src 'none'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

Nice try pal. Let this be a warning to anyone else thinking about using this script.

mattbryson commented 7 years ago

Hi @hybridwebdev,

The TouchSwipe JS library does not load any assets. I have had a look at both the GitHub user page and the demo pages on labs.rampinteractive, and neither is throwing this error.

I did notice that the Google Code Prettifier that is used on the demo pages now throws a 404 (which will need fixing), but that is not the error you reported.

Do you have an example that I can look at?

retailonline commented 7 years ago

I just found this excellent plugin, you saved my day Matt, thanks!

lewismcarey commented 7 years ago

This error appears when you view the source code using GitHub's 'raw' view and is not unique to this repo or library. It's thrown by the GitHub domain and you will see it currently when viewing other repositories in raw mode. @mattbryson I'd close the issue or maybe @hybridwebdev would be happy to delete it (or reference it with GitHub themselves).

mattbryson commented 7 years ago

Thanks @lewismcarey, good to know. Can you delete issues now? If not, @hybridwebdev I'm going to rename the ticket to something more appropriate and close....

hybridwebdev commented 7 years ago

But why would this script be referencing any external assets? Nice try, trying to sweep this under the rug, but anyone reading this, be wary before using this script.

lewismcarey commented 7 years ago

As explained on Jun 2nd 2017, if you view any raw source code on the raw view on the githubusercontent.com domain you will see this error. Wholly unfair to continue to post on Matt's repo with this complaint. I have attached a screenshot of the complainant's own source code in this view, also throwing the error they have reported, to emphasise, again, it's not caused by or unique to this repo.

[Screenshot: hybridwebdev-own-script-throws-same-error]
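
The fallback rule named in the console message quoted in this thread, as an added example (not code from TouchSwipe or GitHub): a minimal JavaScript check of which CSP directive governs an image load, showing that the decision comes from the page's policy and not from the file being displayed. The function names and the placeholder page URL are assumptions for illustration, and source matching is simplified to exact origins.

```javascript
// Added example: which CSP directive decides an image load, with default-src fallback.
// Subset of the fetch directives that fall back to default-src when absent.
const FALLS_BACK_TO_DEFAULT = new Set([
  "img-src", "script-src", "style-src", "font-src", "connect-src", "media-src",
]);

// Parse a Content-Security-Policy header value into Map(directive -> source list).
function parseCsp(header) {
  const policy = new Map();
  for (const part of header.split(";")) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const name = tokens[0].toLowerCase();
    if (!policy.has(name)) policy.set(name, tokens.slice(1)); // duplicates are ignored
  }
  return policy;
}

// Return the directive that actually governs `directive`, or null if none applies.
function effectiveDirective(policy, directive) {
  if (policy.has(directive)) return directive;
  if (FALLS_BACK_TO_DEFAULT.has(directive) && policy.has("default-src")) return "default-src";
  return null;
}

// Simplified source matching: keywords, scheme-sources and exact origins only.
function sourceMatches(source, url, selfOrigin) {
  const u = new URL(url);
  if (source === "'none'") return false;
  if (source === "'self'") return u.origin === selfOrigin;
  if (source === "*") return true; // simplification: treat * as match-all
  if (source.endsWith(":")) return u.protocol === source.toLowerCase();
  const candidate = source.includes("://") ? source : `${u.protocol}//${source}`;
  try { return new URL(candidate).origin === u.origin; } catch { return false; }
}

function checkLoad(header, directive, url, pageUrl) {
  const policy = parseCsp(header);
  const governing = effectiveDirective(policy, directive);
  if (governing === null) return { allowed: true, governing: null };
  const selfOrigin = new URL(pageUrl).origin;
  const allowed = policy.get(governing).some((s) => sourceMatches(s, url, selfOrigin));
  return { allowed, governing };
}

// Constructed inputs: the directive and favicon URL are from the console message;
// the page path is a placeholder.
const PAGE = "https://raw.githubusercontent.com/OWNER/REPO/BRANCH/file.js";
const FAVICON = "https://raw.githubusercontent.com/favicon.ico";
console.log(checkLoad("default-src 'none'", "img-src", FAVICON, PAGE));
console.log(checkLoad("default-src 'none'; img-src 'self'", "img-src", FAVICON, PAGE));
```

The first call reports the same outcome as the console message (blocked, governed by `default-src`); the second shows that an explicit `img-src` would take over from the fallback.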

mattbryson commented 6 years ago

@hybridwebdev, as I have already mentioned, the script does NOT load external assets. Please read through the comments on this thread for an explanation of your issue before reposting.

Feel free to examine the source code yourself if you don't believe me.