Updating outdated library + Supporting page InjectApp without CSP problem. #98
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi,
I updated major libraries and development environment to avoid CSP (Content Security Policy) problem in InjectApp.
This is kind of major update and lots of things been modified so I'm not sure you will like this updates. However, I made this pull request for people that might have run into the same problems as me and need newer version of Webpack and React.
What's changed?
Updated: Webpack 4, React 16 (lint & test utility are updated as well)
Updated: separated entry points for window, popup, background, content, and page script.
Updated: Script for development has been separated to
dev-r
anddev-s
.Updated: Using standard webpack-dev-server instead of httpolyglot-server.
Added: react-intl (localization support)
Added: sass support
Added: localization structure of Chrome Extension Package
Details on CSP problem
When I develop my Steemit Enhancer Chrome Extension, I run into many problems related to CSP with InjectApp part of your original boilerplate code. I need to inject script into currently opened page's context, but the page itself has its own CSP and http://localhost:3000 is not allowed due to CSP.
Therefore I separated dev script into two pieces (
dev-r
&dev-s
) to avoid CSP restriction. Developers can usedev-r
to develop background, window, and popup script which don't need to worry about CSP. If developers want to develop content script and injected page script, which can run into CSP restriction, they can usedev-s
.