Skip to content

Update devtools to enable strict mode via query param #7527

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 19, 2025
Merged

Update devtools to enable strict mode via query param #7527

merged 1 commit into from
Aug 19, 2025

Conversation

camdecoster
Copy link
Contributor

@camdecoster camdecoster commented Aug 18, 2025
edited
Loading

Description

Update plotly.js DevTools to enable strict mode (used for content security policy testing) via query param.

Screenshots

Before After
image image

Testing

  • Start the server in normal mode with this command: npm start
  • Open the Network tab of the browser DevTools and reload the page
  • Note that no CSP header is returned in the response of the initial request
  • Close the server
  • Start the server using strict mode with this command: npm run strict
  • Open the Network tab of the browser DevTools and reload the page
  • Note that a CSP header is returned in the response of the initial request

Notes

  • The policies enabled for this mode include the following:
    script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src blob:
  • One can turn on strict mode by adding the query param 'strict' with any truthy value
  • When in strict mode, the page title includes the word 'strict' and the words 'STRICT MODE' are added to the header bar

@camdecoster camdecoster marked this pull request as ready for review August 18, 2025 21:48
@camdecoster camdecoster requested a review from emilykl August 18, 2025 21:48
@camdecoster camdecoster merged commit 607ac29 into master Aug 19, 2025
6 checks passed
@camdecoster camdecoster deleted the cam/update-csp-devtools branch August 19, 2025 13:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gvwilson gvwilson gvwilson approved these changes

@emilykl emilykl Awaiting requested review from emilykl

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@camdecoster @gvwilson