Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Crashes when content security policy enabled with fixed connect sources #64

Closed
RomanHotsiy opened this issue Jan 6, 2017 · 1 comment
Closed

Crashes when content security policy enabled with fixed connect sources #64

RomanHotsiy opened this issue Jan 6, 2017 · 1 comment

Comments

@RomanHotsiy
Copy link

RomanHotsiy commented Jan 6, 2017
edited
Loading

With content security policy enabled, and the connect sources set to accept certain sources I get the following error in the console:

image

Seems the issues comes from this line: https://github.com/jhiesey/stream-http/blob/master/lib/capability.js#L17

How to reproduce:

serve any browser bundle (via browserify or webpack) containing stream-http over http-server with header Content-Security-Policy: connect-src 'self'.
I managed to achieve this using server from this gist and adding at line 45: self.send_header("Content-Security-Policy", "connect-src 'self'").

I don't know how to fix this issue so let me know if I can help you by setting up minimal reproducible repo.
@RomanHotsiy RomanHotsiy mentioned this issue Jan 6, 2017
Closed
@jhiesey
Copy link
Owner

jhiesey commented Jan 12, 2017

Fixed for now by #65 and published as v2.6.1

@jhiesey jhiesey closed this as completed Jan 12, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jhiesey @RomanHotsiy