Merge pull request #55 from kris7t/svg-export

Frontend: file management and svg export
author: Kristóf Marussy <marussy@mit.bme.hu> 2024-02-24 20:41:53 +0100
committer: GitHub <noreply@github.com> 2024-02-24 20:41:53 +0100
commit: 833e2f58afaafbea3e6fbf2cb3d9aa53a641fc84 (patch)
tree: 3b3e495b5718ae9a8833e1b5f9fa34377a11de8f /subprojects/language-web
parent: Merge pull request #53 from kris7t/imports (diff)
parent: chore(deps); bump dependencies (diff)
download: refinery-833e2f58afaafbea3e6fbf2cb3d9aa53a641fc84.tar.gz
refinery-833e2f58afaafbea3e6fbf2cb3d9aa53a641fc84.tar.zst
refinery-833e2f58afaafbea3e6fbf2cb3d9aa53a641fc84.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/subprojects/language-web/src/main/java/tools/refinery/language/web/SecurityHeadersFilter.java b/subprojects/language-web/src/main/java/tools/refinery/language/web/SecurityHeadersFilter.java
index cc87917f..19eeeff3 100644
--- a/subprojects/language-web/src/main/java/tools/refinery/language/web/SecurityHeadersFilter.java
+++ b/subprojects/language-web/src/main/java/tools/refinery/language/web/SecurityHeadersFilter.java
@@ -20,8 +20,8 @@ public class SecurityHeadersFilter implements Filter {
                                        // CodeMirror needs inline styles, see e.g.,
                                        // https://discuss.codemirror.net/t/inline-styles-and-content-security-policy/1311/2
                                        "style-src 'self' 'unsafe-inline'; " +
-                                        // Use 'data:' for displaying inline SVG backgrounds.
+                                        // Use 'data:' for displaying inline SVG backgrounds and blob for rendering SVG.
-                                        "img-src 'self' data:; " +
+                                        "img-src 'self' data: blob:; " +
                                        "font-src 'self'; " +
                                        // Fetch data:application/octet-stream;base64 URIs to unpack compressed URL fragments.
                                        "connect-src 'self' data:; " +
author	Kristóf Marussy <marussy@mit.bme.hu>	2024-02-24 20:41:53 +0100
committer	GitHub <noreply@github.com>	2024-02-24 20:41:53 +0100
commit	833e2f58afaafbea3e6fbf2cb3d9aa53a641fc84 (patch)
tree	3b3e495b5718ae9a8833e1b5f9fa34377a11de8f /subprojects/language-web
parent	Merge pull request #53 from kris7t/imports (diff)
parent	chore(deps); bump dependencies (diff)
download	refinery-833e2f58afaafbea3e6fbf2cb3d9aa53a641fc84.tar.gz refinery-833e2f58afaafbea3e6fbf2cb3d9aa53a641fc84.tar.zst refinery-833e2f58afaafbea3e6fbf2cb3d9aa53a641fc84.zip

diff --git a/subprojects/language-web/src/main/java/tools/refinery/language/web/SecurityHeadersFilter.java b/subprojects/language-web/src/main/java/tools/refinery/language/web/SecurityHeadersFilter.java index cc87917f..19eeeff3 100644 --- a/subprojects/language-web/src/main/java/tools/refinery/language/web/SecurityHeadersFilter.java +++ b/subprojects/language-web/src/main/java/tools/refinery/language/web/SecurityHeadersFilter.java
@@ -20,8 +20,8 @@ public class SecurityHeadersFilter implements Filter {
20	// CodeMirror needs inline styles, see e.g.,	20	// CodeMirror needs inline styles, see e.g.,
21	// https://discuss.codemirror.net/t/inline-styles-and-content-security-policy/1311/2	21	// https://discuss.codemirror.net/t/inline-styles-and-content-security-policy/1311/2
22	"style-src 'self' 'unsafe-inline'; " +	22	"style-src 'self' 'unsafe-inline'; " +
23	// Use 'data:' for displaying inline SVG backgrounds.	23	// Use 'data:' for displaying inline SVG backgrounds and blob for rendering SVG.
24	"img-src 'self' data:; " +	24	"img-src 'self' data: blob:; " +
25	"font-src 'self'; " +	25	"font-src 'self'; " +
26	// Fetch data:application/octet-stream;base64 URIs to unpack compressed URL fragments.	26	// Fetch data:application/octet-stream;base64 URIs to unpack compressed URL fragments.
27	"connect-src 'self' data:; " +	27	"connect-src 'self' data:; " +