mnutt
commented
7 years ago All davros assets should be self-contained. Which asset URLs are you seeing downloaded from google?
Closed zeigerpuppy closed 7 years ago
mnutt
commented
7 years ago All davros assets should be self-contained. Which asset URLs are you seeing downloaded from google?
ocdtrekkie
commented
7 years ago Ember Paper pulls from Google Fonts, this might be the cause?
https://github.com/miguelcobain/ember-paper "Ember Paper uses fonts from Google Fonts, so the URL to them has to be white listed. You can set this by adding to the Content Security Policy defined in config/environment.js like so:"
mnutt
commented
7 years ago I'm using a modified version of Google Fonts that does not.
ocdtrekkie
commented
7 years ago And FWIW, Privacy Badger doesn't flag anything when Davros is open, and it does usually catch Google Fonts use in Sandstorm grains.
zeigerpuppy
commented
7 years ago Good to hear, I'm sorry I think my bug report was in error,
I thought it was my firewall policy but it seems that icons don't appear in general in chromium.
I'm getting the error:
Invalid 'X-Frame-Options' header encountered when loading 'https://de9664es98236b60c932a0b26c8223bess.server.net/': 'ALLOW-FROM https://ss.server.net' is not a recognized directive. The header will be ignored. about:blank:1
Unrecognized Content-Security-Policy directive 'frame-ancestors'.which is strange because I would have thought an x-frame problem would pop up in firefox too
paulproteus
commented
7 years ago @zeigerpuppy that sounds like a Sandstorm core bug :)
I'd be grateful if you can file an issue there!
zeigerpuppy
commented
7 years ago Happy to
posted as issue on core, see: https://github.com/sandstorm-io/sandstorm/issues/2619
I have google disabled at firewall level for security,
The davros icons seem to be downloaded from google as they are missing when this redirect is disabled.
Would it be possible to have the icons as static files? It would probably load faster too!