Skip to content

Content-Security-Policy: allow images from data: URLs#772

Merged
alxndrsn merged 1 commit intogetodk:nextfrom
alxndrsn:data-images
Nov 11, 2024
Merged

Content-Security-Policy: allow images from data: URLs#772
alxndrsn merged 1 commit intogetodk:nextfrom
alxndrsn:data-images

Conversation

@alxndrsn
Copy link
Contributor

@alxndrsn alxndrsn commented Nov 9, 2024

QR displayed in odk-central-frontend are displayed with src=data:...

Closes #629

Content-Security-Policy: allow images from data: URLs
0415ec6 
QR displayed in odk-central-frontend are displayed with src=data:...

Closes getodk#629
@alxndrsn alxndrsn mentioned this pull request Nov 9, 2024
Closed
8 tasks
@matthew-white
Copy link
Member

matthew-white commented Nov 9, 2024

Tagging @lognaturel, since I think she reviewed the original CSP.

lognaturel
lognaturel approved these changes Nov 11, 2024
View reviewed changes
Copy link
Member

@lognaturel lognaturel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need * for arbitrary images embedded in markdown descriptions and data for the QR codes.

@lognaturel lognaturel changed the base branch from master to next November 11, 2024 17:07
@lognaturel
Copy link
Member

lognaturel commented Nov 11, 2024

Changed the base to next. @alxndrsn could you please keep the PR checklist that has a reminder about target branch?

@alxndrsn
Copy link
Contributor Author

alxndrsn commented Nov 11, 2024

We need * for arbitrary images embedded in markdown descriptions and data for the QR codes.

I think it would be helpful to add this as a comment, but commenting every one of these rules would get out of hand quite quickly 🤔

@alxndrsn alxndrsn merged commit fb02423 into getodk:next Nov 11, 2024
@alxndrsn alxndrsn deleted the data-images branch November 11, 2024 17:11
@matthew-white matthew-white mentioned this pull request Nov 11, 2024
Closed
@lognaturel
Copy link
Member

lognaturel commented Nov 12, 2024

I think what you've done with the commit message is great! If we have questions we can use git to see what was going on.

I always try to leave a note of what I think about when I do a review also for archaeology purposes.

yanokwa pushed a commit to yanokwa/odk-central that referenced this pull request Jun 11, 2025
@alxndrsn @yanokwa
Content-Security-Policy: allow images from data: URLs (getodk#772)
194f99a 
QR displayed in odk-central-frontend are displayed with src=data:...

Closes getodk#629
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lognaturel lognaturel lognaturel approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

App user QR code violates CSP directive

3 participants

@alxndrsn @matthew-white @lognaturel