Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit 607ac29

Browse files
Merge pull request #7527 from plotly/cam/update-csp-devtools
Update devtools to enable strict mode via query param
2 parents 04441f9 + 57db13c commit 607ac29

File tree

5 files changed

+45
-36
lines changed

5 files changed

+45
-36
lines changed

‎devtools/test_dashboard/index-strict.html

Lines changed: 0 additions & 29 deletions
This file was deleted.

‎devtools/test_dashboard/index.html

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,9 @@
2121
</div>
2222
<div id="snapshot"></div>
2323

24+
<!-- Update UI elements if strict mode is enabled -->
25+
<script src="./strict.js"></script>
26+
2427
<script src="../../node_modules/@plotly/mathjax-v2/MathJax.js?config=TeX-AMS-MML_SVG"></script>
2528
<script charset="utf-8" id="source" src="../../build/plotly.js"></script>
2629
<script charset="utf-8" src="../../build/test_dashboard-bundle.js"></script>

‎devtools/test_dashboard/server.mjs

Lines changed: 30 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -62,22 +62,45 @@ console.log('watching esbuild...');
6262
await ctx.watch();
6363

6464
function devServer() {
65-
varserver = http.createServer(ecstatic({
65+
conststaticFilesHandler = ecstatic({
6666
root: constants.pathToRoot,
6767
cache: 0,
6868
gzip: true,
6969
cors: true
70-
}));
70+
});
71+
72+
const server = http.createServer((req, res) => {
73+
if(strict) {
74+
res.setHeader(
75+
'Content-Security-Policy',
76+
// Comment/uncomment for testing CSP. Changes require a server restart.
77+
[
78+
// "default-src 'self'",
79+
"script-src 'self'",
80+
"style-src 'self' 'unsafe-inline'",
81+
// "img-src 'self' data: blob:",
82+
// "font-src 'self' data:",
83+
// "connect-src 'self'",
84+
// "object-src 'none'",
85+
// "base-uri 'self';",
86+
"worker-src blob:",
87+
].join("; ")
88+
)
89+
}
90+
91+
staticFilesHandler(req, res)
92+
})
7193

7294
// Start the server up!
7395
server.listen(PORT);
7496

97+
let indexName = 'index';
98+
if(mathjax3) indexName += '-mathjax3'
99+
else if(mathjax3chtml) indexName += '-mathjax3chtml'
100+
indexName += '.html'
101+
75102
// open up browser window
76-
open('http://localhost:' + PORT + '/devtools/test_dashboard/index' + (
77-
strict ? '-strict' :
78-
mathjax3 ? '-mathjax3' :
79-
mathjax3chtml ? '-mathjax3chtml' : ''
80-
) + '.html');
103+
open(`http://localhost:${PORT}/devtools/test_dashboard/${indexName}${strict ? '?strict=true' : ''}`);
81104
}
82105

83106
function getMockFiles() {

‎devtools/test_dashboard/strict.js

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
if ((new URLSearchParams(location.search)).get("strict")) {
2+
const strictDiv = document.createElement("div");
3+
strictDiv.id = "strict-div";
4+
strictDiv.textContent = "STRICT MODE";
5+
document.querySelector("#reload-time").insertAdjacentElement('afterend', strictDiv);
6+
document.querySelector("title").innerText = "Plotly.js 'strict' Devtools";
7+
}

‎devtools/test_dashboard/style.css

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,11 @@ header span{
3333
font-size: 10px;
3434
line-height: 40px;
3535
}
36+
#strict-div{
37+
color: #F00;
38+
font-weight: 600;
39+
display: inline-block;
40+
}
3641
#mocks-list{
3742
position: fixed;
3843
right: 0px;

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /