You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi there,
We're concerned about the Prismic toolbar loading the third-party html2canvas script directly.
Should this url ever be compromised it would present a huge security risk. We've had to add it to our CSP but it's far from ideal.
Ideally, Prismic would mirror it and self-host, or provide a way to configure or override the source for end users to self-host.
Thanks!
The text was updated successfully, but these errors were encountered:
Hi there,
We're concerned about the Prismic toolbar loading the third-party html2canvas script directly.
Should this url ever be compromised it would present a huge security risk. We've had to add it to our CSP but it's far from ideal.
Ideally, Prismic would mirror it and self-host, or provide a way to configure or override the source for end users to self-host.
Thanks!
The text was updated successfully, but these errors were encountered: