Open SolidTux opened 1 week ago
The CSP policies specified in the tauri config are not applied when running with cargo tauri dev. Running it with cargo run on the other hand does correctly apply this.
cargo tauri dev
cargo run
I checked this by setting frame-src and using and iframe.
frame-src
iframe
frame-src 'none'
CSP is applied (e.g. iframe loading is prevented)
tauri info
[✔] Environment - OS: Fedora 41.0.0 x86_64 (X64) ✔ webkit2gtk-4.1: 2.46.3 ✔ rsvg2: 2.59.1 ✔ rustc: 1.82.0 (f6e511eec 2024-10-15) ✔ cargo: 1.82.0 (8f40fc59f 2024-08-21) ✔ rustup: 1.27.1 (54dd3d00f 2024-04-24) ✔ Rust toolchain: stable-x86_64-unknown-linux-gnu (environment override by RUSTUP_TOOLCHAIN) - node: 22.11.0 - npm: 10.9.0 [-] Packages - tauri 🦀: 2.1.1 - tauri-build 🦀: 2.0.3 - wry 🦀: 0.47.0 - tao 🦀: 0.30.8 - tauri-cli 🦀: 2.1.0 [-] Plugins - tauri-plugin-log 🦀: 2.0.2 [-] App - build-type: bundle - CSP: frame-src epub: - frontendDist: ../src
No response
Describe the bug
The CSP policies specified in the tauri config are not applied when running with
cargo tauri dev. Running it withcargo runon the other hand does correctly apply this.I checked this by setting
frame-srcand using andiframe.Reproduction
frame-src 'none')cargo tauri devExpected behavior
CSP is applied (e.g. iframe loading is prevented)
Full
tauri infooutputStack trace
No response
Additional context
No response