Skip to content

csp: improve docs #12812

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Dec 1, 2025
Merged

csp: improve docs #12812

merged 4 commits into from
Dec 1, 2025
+44 −1

Conversation

@ematipico
Copy link
Member

@ematipico ematipico commented Dec 1, 2025
edited
Loading

Description (required)

Some users have asked how, with CSP, can support script-src-* and style-src-*.

Well, the thing is, we already do! However, this information was "hidden", in the sense that we don't explicitly state that resources can be used to add the values supported by those directives.

This was due to my lack of knowledge.

This PR expands the docs of resources.

Related issues & labels (optional)

@ematipico ematipico added the improve or update documentation Enhance / update existing documentation (e.g. add example, improve description, update for changes) label Dec 1, 2025
@netlify
Copy link

netlify bot commented Dec 1, 2025
edited
Loading

Deploy Preview for astro-docs-2 ready!

Name Link
🔨 Latest commit 70b575e
🔍 Latest deploy log https://app.netlify.com/projects/astro-docs-2/deploys/692db95651be920008431487
😎 Deploy Preview https://deploy-preview-12812--astro-docs-2.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@astrobot-houston
Copy link
Contributor

astrobot-houston commented Dec 1, 2025
edited
Loading

Lunaria Status Overview

🌕 This pull request will trigger status changes.

Learn more

By default, every PR changing files present in the Lunaria configuration's files property will be considered and trigger status changes accordingly.

You can change this by adding one of the keywords present in the ignoreKeywords property in your Lunaria configuration file in the PR's title (ignoring all files) or by including a tracker directive in the merged commit's description.

Tracked Files

File Note
en/reference/experimental-flags/csp.mdx Source changed, localizations will be marked as outdated.
Warnings reference
Icon Description
🔄️ The source for this localization has been updated since the creation of this pull request, make sure all changes in the source have been applied.

sarah11918
sarah11918 reviewed Dec 1, 2025
View reviewed changes
sarah11918
sarah11918 reviewed Dec 1, 2025
View reviewed changes
Copy link
Member

@sarah11918 sarah11918 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just left some tiny editing questions!

@ematipico @sarah11918
Apply suggestions from code review
c5a5fa6 
Co-authored-by: Sarah Rainsberger <5098874+sarah11918@users.noreply.github.com>
@ematipico ematipico requested a review from sarah11918 December 1, 2025 14:32
sarah11918
sarah11918 approved these changes Dec 1, 2025
View reviewed changes
Copy link
Member

@sarah11918 sarah11918 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks great @ematipico !

Would it make sense to update line 149 to read something like:

A list of valid sources for the `script-src` and `style-src` directives, including [values for subclasses](#adding-values-for-subclasses).

I don't know if we can/need to say subclasses of what, or what the proper terminology is (directive subclasses?)

or

A list of valid sources for the `script-src` and `style-src` directives, including [subclasses](#directive-subclasses).

If anything like that makes sense, then I think having that statement in the opening line and a link to a section heading makes sense and is helpful. If there's no good way to do that, then I think this is good as is!

@ematipico
Copy link
Member Author

ematipico commented Dec 1, 2025

@sarah11918 I applied your suggestion

@ematipico ematipico requested a review from sarah11918 December 1, 2025 15:50
@ematipico ematipico mentioned this pull request Dec 1, 2025
Open
sarah11918
sarah11918 approved these changes Dec 1, 2025
View reviewed changes
Copy link
Member

@sarah11918 sarah11918 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great to me! 🙌

@ematipico ematipico merged commit e7d1b49 into main Dec 1, 2025
10 checks passed
@ematipico ematipico deleted the feat/improve-docs branch December 1, 2025 21:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sarah11918 sarah11918 sarah11918 approved these changes

Assignees

No one assigned

Labels

improve or update documentation Enhance / update existing documentation (e.g. add example, improve description, update for changes)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ematipico @astrobot-houston @sarah11918