mirror of
https://github.com/enso-org/enso.git
synced 2024-12-18 19:41:32 +03:00
52 lines
2.0 KiB
HTML
52 lines
2.0 KiB
HTML
|
<!--
|
||
|
FIXME [NP]: https://github.com/enso-org/cloud-v2/issues/345
|
||
|
This file is used by both the `content` and `dashboard` packages. The `dashboard` package uses it
|
||
|
via a symlink. This is temporary, while the `content` and `dashboard` have separate entrypoints
|
||
|
for cloud and desktop. Once they are merged, the symlink must be removed.
|
||
|
-->
|
||
|
<!doctype html>
|
||
|
<html lang="en">
|
||
|
<head>
|
||
|
<meta charset="utf-8" />
|
||
|
<!-- https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP -->
|
||
|
<!-- FIXME https://github.com/validator/validator/issues/917 -->
|
||
|
<!-- FIXME Security Vulnerabilities: https://github.com/enso-org/ide/issues/226 -->
|
||
|
<!-- NOTE `frame-src` section of `http-equiv` required only for authorization -->
|
||
|
<meta
|
||
|
http-equiv="Content-Security-Policy"
|
||
|
content="
|
||
|
default-src 'self';
|
||
|
frame-src 'self' data: https://accounts.google.com https://enso-org.firebaseapp.com;
|
||
|
script-src 'self' 'unsafe-eval' data: https://*;
|
||
|
style-src 'self' 'unsafe-inline' data: https://*;
|
||
|
connect-src 'self' data: ws://localhost:* ws://127.0.0.1:* http://localhost:* https://* wss://*;
|
||
|
worker-src 'self' blob:;
|
||
|
img-src 'self' blob: data: https://*;
|
||
|
font-src 'self' data: https://*"
|
||
|
/>
|
||
|
<meta
|
||
|
name="viewport"
|
||
|
content="
|
||
|
width=device-width,
|
||
|
initial-scale = 1.0,
|
||
|
maximum-scale = 1.0,
|
||
|
user-scalable = no"
|
||
|
/>
|
||
|
<title>Enso</title>
|
||
|
<script type="module" src="./src/entrypoint.ts" defer></script>
|
||
|
</head>
|
||
|
<body>
|
||
|
<div id="root"></div>
|
||
|
<div id="enso-dashboard" class="enso-dashboard"></div>
|
||
|
<div id="enso-chat" class="enso-chat"></div>
|
||
|
<noscript>
|
||
|
This page requires JavaScript to run. Please enable it in your browser.
|
||
|
</noscript>
|
||
|
<!-- Google tag (gtag.js) -->
|
||
|
<script
|
||
|
async
|
||
|
src="https://www.googletagmanager.com/gtag/js?id=G-CLTBJ37MDM"
|
||
|
></script>
|
||
|
</body>
|
||
|
</html>
|