You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi, I was just trying to use Sandpack (via @codesandbox/sandpack-react) with an app with a strict Content Security Policy (CSP) today, and I couldn't find any CSP documentation.
Maybe it would make sense to document the recommendations for CSP?
Eg:
frame-src https://*.codesandbox.io/
This would cover the https://2-14-4-sandpack.codesandbox.io/ format that I saw was being requested as a frame-src when I was using Sandpack. (apparently this 2-14-4 is the version number of my local package 😮)
I'm not sure if there are any other requirements for a CSP for Sandpack.
The text was updated successfully, but these errors were encountered:
Hi, I was just trying to use Sandpack (via
@codesandbox/sandpack-react
) with an app with a strict Content Security Policy (CSP) today, and I couldn't find any CSP documentation.Maybe it would make sense to document the recommendations for CSP?
Eg:
This would cover the
https://2-14-4-sandpack.codesandbox.io/
format that I saw was being requested as aframe-src
when I was using Sandpack. (apparently this2-14-4
is the version number of my local package 😮)I'm not sure if there are any other requirements for a CSP for Sandpack.
The text was updated successfully, but these errors were encountered: