fix(lib/vscode): update csp in webview to allow ports

With #3895, we caused a regression where the Content-Security-Policy prevented
images in the previewer to not work due to the ports in the resource URI.

This modifies the CSP in the webview to make sure images are not blocked by CSP.

I assume once we upgrade VS Code, we will revert this change.
This commit is contained in:
Joe Previte 2021-09-09 17:51:39 -07:00
parent 8a1c129dd1
commit 592d9bcbda
No known key found for this signature in database
GPG Key ID: 2C91590C6B742C24
1 changed files with 4 additions and 1 deletions

View File

@ -24,7 +24,10 @@ export const webviewResourceBaseHost = 'vscode-webview.net';
export const webviewRootResourceAuthority = `vscode-resource.${webviewResourceBaseHost}`; export const webviewRootResourceAuthority = `vscode-resource.${webviewResourceBaseHost}`;
export const webviewGenericCspSource = `https://*.${webviewResourceBaseHost}`; // NOTE@coder: This is a temporary change to include ":*"
// due to the patch we had to make for webview resources.
// See PR#3895 and https://github.com/cdr/code-server/issues/3936 for more details.
export const webviewGenericCspSource = `https://*.${webviewResourceBaseHost}:*`;
/** /**
* Construct a uri that can load resources inside a webview * Construct a uri that can load resources inside a webview