Skip to content

Commit

Permalink
Remove CSP policy
Browse files Browse the repository at this point in the history 
to allow remote files from any source in h5wasm demo
  • Loading branch information
@axelboc
axelboc committed Jul 1, 2024
1 parent e4d26ea commit 0003baf
Showing 1 changed file with 0 additions and 7 deletions.
7 changes: 0 additions & 7 deletions netlify.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,3 @@
[headers.values]
X-Frame-Options = "DENY"
X-Content-Type-Options = "nosniff"

# CSP policy strict by default, then allow:
# - `connect-src data:` for download URLs when exporting datasets/slices in h5wasm demo
# - `script-src 'unsafe-eval'` because of cwise dependency in H5Web
# - `img-src blob:` for JPEG/PNG images in Raw visualization
# - `worker-src blob:` for H5WasmLocalFileProvider's inline worker
Content-Security-Policy = "default-src 'none'; connect-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' blob:; worker-src blob:"

0 comments on commit 0003baf

Please sign in to comment.