CSP Jakub T. Jankiewicz (06 Aug 2022 13:55 UTC)
Re: CSP Arthur A. Gleckler (08 Aug 2022 18:28 UTC)
Re: CSP Jakub T. Jankiewicz (08 Aug 2022 20:00 UTC)
Re: CSP Arthur A. Gleckler (08 Aug 2022 20:14 UTC)
Re: CSP Vasilij Schneidermann (08 Aug 2022 20:47 UTC)
Re: CSP Arthur A. Gleckler (03 Oct 2022 21:14 UTC)
Re: CSP Jakub T. Jankiewicz (19 Jan 2023 14:04 UTC)
Re: CSP Magnus Ahltorp (19 Jan 2023 19:50 UTC)
Re: CSP Jakub T. Jankiewicz (19 Jan 2023 20:10 UTC)

Re: CSP Jakub T. Jankiewicz 08 Aug 2022 19:59 UTC


On Mon, 8 Aug 2022 11:27:45 -0700
"Arthur A. Gleckler" <xxxxxx@speechcode.com> wrote:

> On Sat, Aug 6, 2022 at 6:56 AM Jakub T. Jankiewicz <xxxxxx@onet.pl> wrote:
>
> > I'm just wondering if you maybe can relax some of the CSP rules you have
> > on the site. Scheme.org don't have any user generate content, it doesn't
> > have any user input. CSP was mostly to prevent XSS and other similar
> > attacks. There is not need for such a thing for website like scheme.org.
> >
>
> I'd rather not turn off the protections.  We're not accepting user input
> now, but we probably will in the future.  And your bookmarklet doesn't
> require access to the page in order to be useful.  As you point out on its
> page <https://lips.js.org/#bookmark>, it works perfectly fine in an empty
> tab.

The whole point is to using bookmarklet is that you can use it on same page.
If you need to open different page you can use try.scheme.org. You can use my
bookmark on PDF files, at least in Chrome. So you can use it on R7RS spec and
test the code while you read it. But you can't use it on Scheme.org that
have a lot of Scheme code (Especially Cookbook). The same you can sue my
Bookmark on WikiBook:
https://en.wikibooks.org/wiki/Scheme_Programming/List_Operations

or Wikipedia:
https://en.wikipedia.org/wiki/Scheme_(programming_language)

The same you can say that you don't need to use Web REPL, because you can
install Scheme on your system. It's easier to use one page than two separated
pages, the same it's easier to use just a browser than a terminal and a
browser.

--
Jakub T. Jankiewicz, Senior Front-End Developer
https://jcubic.pl/me