trpc-playground@next is blocked by browser

sachinraja / trpc-playground

playground for running tRPC queries in the browser

MIT License

281 stars 19 forks source link

trpc-playground@next is blocked by browser #34

Open kaminskypavel opened 1 year ago

kaminskypavel commented 1 year ago

using it with express@4.

getting errors in multiple browsers

Refused to load the script 'https://cdn.jsdelivr.net/npm/@trpc-playground/html@1.0.0-next.0/dist/assets/index.70ae6946.js' because it violates the following Content Security Policy directive: "script-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

sachinraja commented 1 year ago

Which browser? I can't reproduce this on Chrome on MacOS.

kaminskypavel commented 1 year ago

Tried it on brave/firefox/edge

On win 11

MatsDK commented 1 year ago

For me this is working on brave (windows 11). Maybe try installing trpc-playground@latest.

ollyde commented 1 year ago

I've had the same issue for around a year now, I have to disable cors using a plugin for Firefox.

It would seem that the CDN does not accept localhost as pre-flight.

I'm guessing the maintainer uses a specific port for TRPC playground?

A better alternative instead of using a risky CDN is to just host the files inside the npm package. Better version control then @sachinraja

ollyde commented 1 year ago

For an alternative we are using https://github.com/iway1/trpc-panel which is npm hosted internally.