Re: Scheme REPL again and Issue with guide to macros

Show/hide message thread

Scheme REPL again and Issue with guide to macros Jakub T. Jankiewicz (21 Nov 2021 23:05 UTC)

Re: Scheme REPL again and Issue with guide to macros Vasilij Schneidermann (22 Nov 2021 12:06 UTC)

Re: Scheme REPL again and Issue with guide to macros Jakub T. Jankiewicz (22 Nov 2021 12:28 UTC)

Re: Scheme REPL again and Issue with guide to macros Vasilij Schneidermann (22 Nov 2021 14:58 UTC)

Re: Scheme REPL again and Issue with guide to macros Lassi Kortela (24 Nov 2021 12:15 UTC)

Re: Scheme REPL again and Issue with guide to macros Vasilij Schneidermann (24 Nov 2021 12:52 UTC)

Guide to macros Lassi Kortela (24 Nov 2021 12:32 UTC)

Re: Guide to macros Jakub T. Jankiewicz (24 Nov 2021 14:01 UTC)

Re: Scheme REPL again and Issue with guide to macros Jakub T. Jankiewicz 22 Nov 2021 12:27 UTC

> I see neither a CSP meta tag nor CSP HTTP header. Maybe you removed it?

Then what is it:

Feature-Policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay
'none'; camera 'none'; display-capture 'none'; document-domain 'none';
encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; gyroscope
'none'; layout-animations 'none'; magnetometer 'none'; microphone 'none';
midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; usb
'none'; vibrate 'none'; vr 'none'

At https://www.staging.scheme.org/ ?

There are also errors form embedded fonts, so it already backfired.

>
> > Any reason why this Content Policy was added?
>
> It's a security barrier, sort of like a firewall. The idea is to stop
> any non-whitelisted JavaScript code from running, thereby preventing XSS
> attacks.

Yes, I know what CSP is for, but why you need for a website that only have
static html files and don't allow to add user content? It doesn't make much
sense to me.

Jakub

--
Jakub T. Jankiewicz, Web Developer
https://jcubic.pl/me