62a9dffcae
* Configure ember-auto-import so we can use a stricter CSP * Create a fake filesystem using JSON to avoid inline scripts in index We used to have inline scripts in index.html in order to support embers filepath fingerprinting and our configurable rootURL. Instead of using inline scripts we use application/json plus a JSON blob to create a fake filesystem JSON blob/hash/map to hold all of the rootURL'ed fingerprinted file paths which we can then retrive later in non-inline scripts. We move our inlined polyfills script into the init.js external script, and we move the CodeMirror syntax highlighting configuration inline script into the main app itself - into the already existing CodeMirror initializer (this has been moved so we can lookup a service located document using ember's DI container) * Set a strict-ish CSP policy during development
4 lines
79 B
Plaintext
4 lines
79 B
Plaintext
```release-note:improvement
|
|
ui: support stricter content security policies
|
|
```
|