Ok, I'll check it. Hahahaha, this change is too much to include in the repository without a good battery of tests and consensus, right? Yesterday, instead of the meta tag, I "removed the network cable" :P
Hiedra -----Mensaje original----- De: Josh Tynjala <joshtynj...@bowlerhat.dev> Enviado el: miércoles, 12 de marzo de 2025 18:03 Para: dev@royale.apache.org Asunto: Re: [apache/royale-asjs] Apache Royale Tour de Jewel - broken (Issue #1252) Hi Hiedra, In order to test this properly, we need to create an environment similar to the royale.apache.org site. The backend sends a Content-Security-Policy header, which is causing this issue with third-party resources getting blocked. When testing locally on our own computers, we can simulate the same Content-Security-Policy header by adding the following <meta> tag to the HTML file. <meta http-equiv="Content-Security-Policy" content="default-src 'self' data: blob: 'unsafe-inline' https://www.apachecon.com/ https://www.communityovercode.org/ https://analytics.apache.org/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://analytics.apache.org/ https://www.apachecon.com/; style-src 'self' 'unsafe-inline' data:; frame-ancestors 'self'; frame-src 'self' data: blob:; img-src 'self' data: https://*.apache.org/ https://www.apachecon.com/; worker-src 'self' data: blob:;"> For TourDeJewel, we can add the <meta> tag to the following template file to ensure that it gets included in the generated index.html file: https://github.com/apache/royale-asjs/blob/examples/TDJ_localresources/examples/jewel/TourDeJewel/src/main/resources/jewel-example-index-template.html However, you should not commit this change to the repo. I'm suggesting this merely for testing locally to better simulate the environment on royale.apache.org. -- Josh Tynjala Bowler Hat LLC https://bowlerhat.dev/ On Tue, Mar 11, 2025 at 5:55 AM Maria Jose Esteve <mjest...@iest.com> wrote: > First step done. I've included web-animations.min.js in Jewel's swc > and modified the TabBarView.as class I've compiled royale-asjs with > Maven and ant and then tested TDJ and everything works as expected. > Can someone else try compiling the “examples/TDJ_localresources” > branch and verify that there are no issues before merging it into > develop? > > Thx > > Hiedra > > De: Josh Tynjala <notificati...@github.com> Enviado el: martes, 4 de > marzo de 2025 17:45 > Para: apache/royale-asjs <royale-a...@noreply.github.com> > CC: Maria Jose Esteve <mjest...@iest.com>; Comment < > comm...@noreply.github.com> > Asunto: Re: [apache/royale-asjs] Apache Royale Tour de Jewel - broken > (Issue #1252) > > > As an example, Jewel's TabBarView contains the following > <inject_script> that links to a JS library on Cloudflare. That's not going to > work anymore. > > <inject_script> > > var script = document.createElement("script"); > > script.setAttribute("src", " > https://cdnjs.cloudflare.com/ajax/libs/web-animations/2.3.1/web-animat > ions.min.js > "); > > document.head.appendChild(script); > > </inject_script> > > We're going to need to change TabBarView (and any other classes in > royale-asjs that use <inject_script> to load files from CDNs) to > provide that script file in a different way. > > I recently added a -js-include-script option to royale-compiler. > That's probably our best bet. It includes the .js file in the .swc > file (or in the compiled app), and it automatically adds a <script> tag to > the .html file. > > In Jewel, we might use it like this (assuming that > web-animations.min.js is added to our repo at that location): > > -js-include-script+=src/main/assembly/scripts/web-animations.min.js > > That means that we'll need to include web-animations.min.js in the > Royale distribution. Hopefully, all of the scripts that we're > referencing have compatible licenses that the ASF accepts. > > — > Reply to this email directly, view it on GitHub< > https://github.com/apache/royale-asjs/issues/1252#issuecomment-2698298 > 577>, > or unsubscribe< > https://github.com/notifications/unsubscribe-auth/ANJL3U4PT7OIPW7D5EVN > UED2SXJ7DAVCNFSM6AAAAABWNZIIOCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHM > ZDMOJYGI4TQNJXG4 > >. > You are receiving this because you commented.Message ID: > <apache/royale-asjs/issues/1252/2698298...@github.com<mailto:apache > /royale-asjs/issues/1252/2698298...@github.com>> > [joshtynjala]joshtynjala left a comment (apache/royale-asjs#1252)< > https://github.com/apache/royale-asjs/issues/1252#issuecomment-2698298 > 577> > > As an example, Jewel's TabBarView contains the following > <inject_script> that links to a JS library on Cloudflare. That's not going to > work anymore. > > <inject_script> > > var script = document.createElement("script"); > > script.setAttribute("src", " > https://cdnjs.cloudflare.com/ajax/libs/web-animations/2.3.1/web-animat > ions.min.js > "); > > document.head.appendChild(script); > > </inject_script> > > We're going to need to change TabBarView (and any other classes in > royale-asjs that use <inject_script> to load files from CDNs) to > provide that script file in a different way. > > I recently added a -js-include-script option to royale-compiler. > That's probably our best bet. It includes the .js file in the .swc > file (or in the compiled app), and it automatically adds a <script> tag to > the .html file. > > In Jewel, we might use it like this (assuming that > web-animations.min.js is added to our repo at that location): > > -js-include-script+=src/main/assembly/scripts/web-animations.min.js > > That means that we'll need to include web-animations.min.js in the > Royale distribution. Hopefully, all of the scripts that we're > referencing have compatible licenses that the ASF accepts. > > — > Reply to this email directly, view it on GitHub< > https://github.com/apache/royale-asjs/issues/1252#issuecomment-2698298 > 577>, > or unsubscribe< > https://github.com/notifications/unsubscribe-auth/ANJL3U4PT7OIPW7D5EVN > UED2SXJ7DAVCNFSM6AAAAABWNZIIOCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHM > ZDMOJYGI4TQNJXG4 > >. > You are receiving this because you commented.Message ID: > <apache/royale-asjs/issues/1252/2698298...@github.com<mailto:apache > /royale-asjs/issues/1252/2698298...@github.com>> >
