Loosen CSP in Obsidian to load images, sync and allow Obsidian domain

Debanjum Singh Solanky 2024-06-13 14:23:11 +05:30
parent 327045be43
commit 08c3aa496d


@ -82,12 +82,12 @@ export class KhojChatView extends KhojPaneView {
super.onOpen(); super.onOpen();
// Construct Content Security Policy // Construct Content Security Policy
let defaultDomains = `'self' ${this.setting.khojUrl} https://app.khoj.dev https://assets.khoj.dev`; let defaultDomains = `'self' ${this.setting.khojUrl} https://*.obsidian.md https://app.khoj.dev https://assets.khoj.dev`;
const defaultSrc = `default-src ${defaultDomains};`; const defaultSrc = `default-src ${defaultDomains};`;
const scriptSrc = `script-src ${defaultDomains} 'unsafe-inline';`; const scriptSrc = `script-src ${defaultDomains} 'unsafe-inline';`;
const connectSrc = `connect-src ${this.setting.khojUrl} https://ipapi.co/json;`; const connectSrc = `connect-src ${this.setting.khojUrl} wss://*.obsidian.md/ https://ipapi.co/json;`;
const styleSrc = `style-src ${defaultDomains} 'unsafe-inline';`; const styleSrc = `style-src ${defaultDomains} 'unsafe-inline';`;
const imgSrc = `img-src ${defaultDomains} data: https://*.khoj.dev https://*.googleusercontent.com;`; const imgSrc = `img-src * app: data:;`;
const childSrc = `child-src 'none';`; const childSrc = `child-src 'none';`;
const objectSrc = `object-src 'none';`; const objectSrc = `object-src 'none';`;
const csp = `${defaultSrc} ${scriptSrc} ${connectSrc} ${styleSrc} ${imgSrc} ${childSrc} ${objectSrc}`; const csp = `${defaultSrc} ${scriptSrc} ${connectSrc} ${styleSrc} ${imgSrc} ${childSrc} ${objectSrc}`;
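Review bot: The new `img-src * app: data:;` on the imgSrc line lets the chat pane load images from any origin, so an image URL that ends up in rendered chat content can send data to an arbitrary host through its path or query string, and the policy no longer limits that. script-src still carries 'unsafe-inline', so img-src was one of the few directives still constraining outbound requests from this view. If the aim is to show vault images, extending the earlier allowlist with the scheme is probably enough, e.g. `img-src ${defaultDomains} app: data: https://*.khoj.dev https://*.googleusercontent.com;`, with a comment stating why any wildcard is needed. `https://*.obsidian.md` is added to defaultDomains and so also reaches script-src and style-src; if only sync needs it, the `wss://*.obsidian.md/` entry in connect-src is the narrower place. The method body starts and ends outside the hunk, so where `csp` is applied is not visible here.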