fix need for unsafe-eval in CSP header

2021-02-04 11:31:07 +01:00 · 2021-02-04 11:31:07 +01:00 · 5aa2858f4b
parent 034426ed45
commit 5aa2858f4b
1 changed files with 4 additions and 0 deletions
--- a/scripts/build.js
+++ b/scripts/build.js
@ -69,6 +69,10 @@ async function buildHtml(assets) {
    const doc = cheerio.load(devHtml);
    doc("link[rel=stylesheet]").attr("href", assets.resolve(`bundle.css`));
    const mainScripts = [
+        // this is needed to avoid hitting https://github.com/facebook/regenerator/issues/378
+        // which prevents the whole bundle to load, as our CSP headers don't allow unsafe-eval
+        // and I preferred this over disabling strict mode for the whole bundle
+        `<script type="text/javascript">window.regeneratorRuntime = undefined;</script>`,
        `<script type="text/javascript" src="${assets.resolve(`bundle.js`)}"></script>`,
        `<script type="text/javascript">bundle.main(document.body);</script>`
    ];