Skip to content

Commit

Permalink
Add structurizr.com to the allow-list to show contents in an iframe…
Browse files Browse the repository at this point in the history 
… in the preview (#1510)
  • Loading branch information
@ahus1
ahus1 committed Mar 24, 2024
1 parent f9725ae commit 0e9b4bc
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 1 deletion.
1 change: 1 addition & 0 deletions CHANGELOG.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ This document provides a high-level view of the changes introduced by release.
- Avoid NPE when searching for Java references (#1582)
- Avoid invalidated objects when searching for Java references (#1583)
- Close files before converting file from Markdown to AsciiDoc (#1584)
- Add `structurizr.com` to the allow-list to show contents in an iframe in the preview (#1510)

=== 0.41.10

Expand Down
2 changes: 1 addition & 1 deletion src/main/java/org/asciidoc/intellij/editor/javafx/PreviewStaticServer.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,7 @@ public static String createCSP(@NotNull Map<String, String> attributes) {
+ "img-src file: data: localfile: *; connect-src 'none'; font-src *; " +
"object-src data: file: localfile: *;" + // used for interactive SVGs
"media-src 'none'; child-src 'none'; " +
"frame-src 'self' https://player.vimeo.com/ https://www.youtube.com/"; // used for vimeo/youtube iframes
"frame-src 'self' https://player.vimeo.com/ https://www.youtube.com/ https://structurizr.com/"; // used for vimeo/youtube iframes
} else {
// this will restrict external content as much as possible
result = "default-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' " + Urls.parseEncoded("http://localhost:" + BuiltInServerManager.getInstance().getPort() + PREFIX + "/scripts/").toExternalForm() + "; "
Expand Down

0 comments on commit 0e9b4bc

Please sign in to comment.