You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I haven't been able to stage the site locally today. I suspect this problem is related to #3540.
To be clear, I can serve the site at localhost:4000, but it looks terrible (no css, no images, no js). If I push to an external staging server (https://kw-staging-dartlang-2.web.app), it seems to work.
Expected fix
Either provide a way to run the site using http, or help me figure out a workaround that still lets me serve the site locally.
Additional context
Here's how the local version renders:
And here are the errors I see:
25Refused to load the image '<URL>' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:19 Refused to load the image 'http://localhost:4000/assets/shared/dart/icon/64.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:20 Refused to load the image 'http://localhost:4000/assets/touch-icon-iphone-e3508110f3a82952e9c32329c69f90a37ee8fd1cffdae50b94f0c40b24584463.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:21 Refused to load the image 'http://localhost:4000/assets/touch-icon-ipad-b4b39129d04a26106a2e172514c4690abf0f2570edc91e0491307bffd23b8a07.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:22 Refused to load the image 'http://localhost:4000/assets/touch-icon-iphone-retina-5498c853d0f2c7f9a26bf06206bdf7eb672962d4a3e38890dbd3d6bae1937abd.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:23 Refused to load the image 'http://localhost:4000/assets/touch-icon-ipad-retina-4de20dd3e147050229a7a917c902fc0104349da4ab6b709ea89069bf3486910b.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/shared/dart/logo+text/horizontal/white-e71fb382ad5229792cc704b3ee7a88f8013e986d6e34f0956d89c453b454d0a5.svg' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/2x/paint-your-ui.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/2x/paint-your-ui.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/2x/supported%20by%20google@2x.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/2x/multiplatform%20performance%20light%20op1@2x.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/2x/client%20optimised%20light%20op1@2x.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/2x/productive%20dev%20light%20op1@2x.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/svg/1-1%20async%20await.svg' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/2x/multiplatform%20performance%20light%20op1@2x.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/svg/2-1%20hot%20reload%20iterative%20changes.svg' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/2x/productive%20dev%20light%20op1@2x.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/svg/3-1%20-%20aot%20compile.svg' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/2x/client%20optimised%20light%20op1@2x.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/2x/multiplatform%20performance%20light%20op1@2x.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/svg/1-1%20async%20await.svg' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/svg/2-1%20hot%20reload%20iterative%20changes.svg' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/2x/productive%20dev%20light%20op1@2x.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/2x/multiplatform%20performance%20light%20op1@2x.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/dash/svg/3-1%20-%20aot%20compile.svg' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load the image 'http://localhost:4000/assets/shared/dart/icon/64.png' because it violates the following Content Security Policy directive: "default-src https:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:37 Refused to load the stylesheet 'http://localhost:4000/assets/main-852a0684b377adbf5274d3681d07596d66dbe5465de65fa69b3bbb15a55c27f2.css' because it violates the following Content Security Policy directive: "style-src https: 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
(index):44 Refused to load the script 'http://www.google-analytics.com/analytics.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'sha256-cTJIwsgB4Xj1loi9AdzTWk3GZ5Kx0NremLhkGfw9zWc=' 'sha256-acZJdbnwXvMNQmfri3ENcArTn+GH3sY664c1uY0xxpg=' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://gstatic.com https://*.gstatic.com https://dartpad.dev https://*.dartpad.dev https://youtube.com https://*.youtube.com https://fonts.googleapis.com https://doubleclick.net https://*.doubleclick.net https://google.com https://*.google.com https://storage.googleapis.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
(anonymous) @ (index):44
localhost/:1 Refused to load media from 'http://localhost:4000/assets/dash/video/hotreload.webm' because it violates the following Content Security Policy directive: "default-src https:". Note that 'media-src' was not explicitly set, so 'default-src' is used as a fallback.
localhost/:1 Refused to load media from 'http://localhost:4000/assets/dash/video/hotreload.mp4' because it violates the following Content Security Policy directive: "default-src https:". Note that 'media-src' was not explicitly set, so 'default-src' is used as a fallback.
content_script_compiled.js:32 Uncaught SecurityError: Sandbox access violation: Blocked a frame at "null" from accessing a frame at "https://dartpad.dev". The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
(anonymous) @ content_script_compiled.js:32
localhost/:1 Refused to load the stylesheet 'http://localhost:4000/assets/main-852a0684b377adbf5274d3681d07596d66dbe5465de65fa69b3bbb15a55c27f2.css' because it violates the following Content Security Policy directive: "style-src https: 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
DevTools failed to load source map: Could not load content for http://localhost:4000/assets/dash/js/dartpad_picker_main.dart.js.map: HTTP error: status code 404, net::ERR_HTTP_RESPONSE_CODE_FAILURE
DevTools failed to load source map: Could not load content for https://dartpad.dev/packages/split/split.min.js.map: HTTP error: status code 404, net::ERR_HTTP_RESPONSE_CODE_FAILURE
DevTools failed to load source map: Could not load content for https://dartpad.dev/scripts/embed_dart.dart.js.map: HTTP error: status code 404, net::ERR_HTTP_RESPONSE_CODE_FAILURE
The text was updated successfully, but these errors were encountered:
Describe the problem
I haven't been able to stage the site locally today. I suspect this problem is related to #3540.
To be clear, I can serve the site at localhost:4000, but it looks terrible (no css, no images, no js). If I push to an external staging server (https://kw-staging-dartlang-2.web.app), it seems to work.
Expected fix
Either provide a way to run the site using http, or help me figure out a workaround that still lets me serve the site locally.
Additional context
Here's how the local version renders:
And here are the errors I see:
The text was updated successfully, but these errors were encountered: