ewancroft.uk / website
my website at ewancroft.uk
6
fork

Configure Feed

Select the types of activity you want to include in your feed.

fix: resolve CSP violations and... whatever was wrong with @atproto/api

- Add CSP directives for Google Fonts (style-src-elem, font-src)
- Include @atproto/api in Vite optimizeDeps (something about CommonJS?)
- Replace flex-grow with grow utility class in layout

Fixes CSP blocking of fonts.googleapis.com and fonts.gstatic.com
Apparently Vite needed to transform @atproto/api or something? It works now.

ewancroft.uk 8ac95caa 967a617d

+5 -5
+1 -1
src/routes/+layout.svelte
··· 83 83 > 84 84 <Header /> 85 85 86 - <main class="container mx-auto flex-grow px-4 py-8"> 86 + <main class="container mx-auto grow px-4 py-8"> 87 87 <ScrollToTop /> 88 88 {@render children()} 89 89 </main>
+3 -2
svelte.config.js
··· 43 43 directives: { 44 44 'default-src': ['self'], 45 45 'script-src': ['self', 'unsafe-inline'], 46 - 'style-src': ['self', 'unsafe-inline'], 46 + 'style-src': ['self', 'unsafe-inline', 'https://fonts.googleapis.com'], 47 + 'style-src-elem': ['self', 'unsafe-inline', 'https://fonts.googleapis.com'], 47 48 'img-src': ['self', 'data:', 'https:'], 48 - 'font-src': ['self', 'data:'], 49 + 'font-src': ['self', 'data:', 'https://fonts.gstatic.com'], 49 50 'connect-src': ['self', 'https:'], 50 51 'media-src': ['self', 'https:'] 51 52 }
+1 -2
vite.config.ts
··· 39 39 }, 40 40 41 41 optimizeDeps: { 42 - include: ['@lucide/svelte', 'hls.js'], 43 - exclude: ['@atproto/api'] 42 + include: ['@lucide/svelte', 'hls.js', '@atproto/api'] 44 43 }, 45 44 46 45 server: {