-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BRO-31] Errors on websites with strict Content Security Policy #459
[BRO-31] Errors on websites with strict Content Security Policy #459
Conversation
Created yarn patch for @concordium/web-sdk Now it is possible to import from ./types/ directory, and avoid tree-shaking bug of esbuild
@Ivan-Mahda I will take myself off the reviewers list. Soren and Emil are the experts anyhow. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great detective work @Ivan-Mahda!
It seems that this completely removes the WASM error.. I actually thought we needed to dive into the legacy grpc client and well and do some updates, but seems like that is not needed anyway 🤷
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The patch is nice for now, but I think we should fix it in the SDK straight away as well and then remove this patch again.
I suggested we do this as a One point of view could be that it worsens the user experience, as Of course another point of view could be that it enables people to use tools like ESBuild and potentially other tools with less ability to tree-shake than the state-of-the-art bundlers. Personally, I feel inclined towards the former of the two.. But I don't have any strong opinion on this matter tbh. What do you think @Ivan-Mahda and @limemloh ? |
Just wanted to check the experience if we did this, and you are right, it does add a lot of noise: |
Co-authored-by: Emil Holm Gjørup <limemloh@gmail.com>
Clean up patch file
Update yarn.lock
Update package version and yarn.lock
…rict-content-security-policy
Purpose
The injected script attempts to compile and instantiate WebAssembly, which fails when a website uses a Content Security Policy which does not allow for running WebAssembly.
Main reason esbuild does not provide proper tree-shaking and as result unused WebAssembly functions included in to bundle
This can be avoided by importing only functions you need, without importing all module.
Changes
Created yarn patch for @concordium/web-sdk
Now it is possible to import from ./types/ directory, and avoid tree-shaking bug of esbuild
Checklist
hard-to-understand areas.
By submitting the contribution I accept the terms and conditions of the
Contributor License Agreement v1.0
link: https://developers.concordium.com/CLAs/Contributor-License-Agreement-v1.0.pdf
I accept the above linked CLA.