ember.js - Configure CSP in an Ember CLI application which uses http-mock -

-

i'm using http-mock ember cli suggested on http://www.ember-cli.com/#ember-data. understand basic concept of csp don't understand configuration of within ember cli application.

how can configure application either accept requests localhost:4200/api/ avoid during development:

content security policy violation: {     "csp-report": {         "document-uri":"http://localhost:4200/products",         "referrer":"",         "violated-directive":"style-src 'self'",         "effective-directive":"style-src",         "original-policy":"default-src 'none'; script-src 'self' 'unsafe-eval' localhost:35729 0.0.0.0:35729; font-src 'self'; connect-src 'self' ws://localhost:35729 ws://0.0.0.0:35729 http://0.0.0.0:4200/csp-report; img-src 'self'; style-src 'self'; media-src 'self'; report-uri http://0.0.0.0:4200/csp-report;",         "blocked-uri":"",         "source-file":"chrome-extension://alelhddbbhepgpmgidjdcjakblofbmce",         "line-number":1,"column-number":20481,"status-code":200     } }

you can adjust content security policy editing config/environment.js. believe in case, connect-src relevant error being thrown (edit: looks style-src being violated, possibly chrome extension awesome screenshot). adding * allow connect anything.

var env = {    ...    contentsecuritypolicy: {     'default-src': "'none'",     'script-src': "'self'",     'font-src': "'self'",     'connect-src': "'self' *",     'img-src': "'self'",     'style-src': "'self' *",     'media-src': "'self'"   } }

or more specifically, add:

... 'connect-src': "'self' 'localhost:4200'", ...

furthermore, if wanted add dev environment, put in:

if (environment === 'development') {   env.contentsecuritypolicy = {     ...(policies)...   } }

more information available csp in ember-cli: https://www.npmjs.com/package/ember-cli-content-security-policy.

more information csp in general: http://content-security-policy.com/


Comments

Post a Comment

Popular posts from this blog

google chrome - Developer tools - How to inspect the elements which are added momentarily (by JQuery)? -

-
i looking @ how website designed using inspector in chrome. can use firefox developer tools or firefox web developer add-on or chrome web developer extension. so website has slide-show , using jquery it. looking @ markup , css in inspector, i see 2 things constantly changing slides change: one opacity css property understandable, i'd see changing values, changes fast see read anything. second- a div added in div slides change momentarily , moment when appears short notice except div . so question is there way stop slideshow can temporarily rid of blinking sort of effect (by speedy adding , removal , changing of elements , values)? where can inspect div element gets added such short moment , , gets removed? , can see changes in value of opacity takes place? is there way stop slideshow can temporarily rid of blinking sort of effect (by speedy adding , removal , changing of elements , values)? if opacity animated css transition or animation,
Read more

angularjs - Showing an empty as first option in select tag -

-
my app showing empty select field first entry. have read other solution given , tried still not working. my controller code is: .controller('usercreatecontroller', function(user,profile,auth) { alert("hello"); var vm = this; vm.type = 'create'; profile.all() //this service fetch profiles shown in select field .success(function(data){ vm.profile = data; }); vm.userdata.profile = vm.profile[0]; //here have set default value select field and html page is: <label class="col-sm-2 control-label">profile</label> <div class="col-sm-8"> <select ng-model="user.userdata.profile" ng-options="person._id person.profilename person in user.profile"> </select> </div> hierarchy of vm.profile { "_id": 46, "profile": objectid("5516498e95b84548156db754"), "isactive": true, "password": "$2
Read more

php - Cloud9 cloud IDE and CakePHP -

-
i attempting cakephp running on cloud9, cloud based ide. unaware, cloud collaboration ide intermixes services such bitbucket. site gives sudo rights, , installed cakephp using these instructions: https://www.digitalocean.com/community/tutorials/how-to-install-cakephp-on-an-ubuntu-12-04-vps when attempt run database exported machine cakephp installed, error message "url rewriting not configured on server." attempted solve issue using official guide cakephp: http://book.cakephp.org/2.0/en/installation/url-rewriting.html but no cigar, same error message. has gotten cakephp working, or aware of cloud ide free/low cost cloud9 support cakephp? here's how got working now: sudo apt-get update sudo apt-get install php5-intl curl -ss https://getcomposer.org/installer | php -- --filename=composer ./composer create-project --prefer-dist cakephp/app this creates project in /app default. move workspace docroot: mv app/* ./ mv app/.* ./ rm -rf app then de
Read more