#6229 Fix improper output rendering#6230
Open
martgil wants to merge 23 commits into
Open
Conversation
added 18 commits
May 22, 2026 16:34
…oper-output-rendering
Collaborator
|
Hi @martgil, do you think this PR will be finished on this week so we can publish a new release next week with these fixes included? |
Collaborator
Author
|
Hello @sosnovsky - Yes, it should be finished within this week. Not sure why CodeQL test fails. I'll review. |
Collaborator
Author
|
Hi @sosnovsky - This one is ready for a review. Thank you! |
sosnovsky
reviewed
May 29, 2026
| "minimum_chrome_version": "96", | ||
| "content_security_policy": { | ||
| "extension_pages": "script-src 'self'; frame-ancestors 'self' https://mail.google.com; img-src 'self' data: blob: https:; frame-src 'self' blob:; worker-src 'self'; form-action 'none'; media-src 'none'; font-src 'none'; manifest-src 'none'; object-src 'none'; base-uri 'self';" | ||
| "extension_pages": "script-src 'self'; default-src 'self'; frame-ancestors 'self' https://mail.google.com; img-src 'self' https://* data: blob:; frame-src 'self' blob:; worker-src 'self'; form-action 'none'; media-src 'none'; font-src 'none'; manifest-src 'none'; object-src 'none'; base-uri 'self'; connect-src 'self' https://flowcrypt.com https://*.flowcrypt.com https://flowcrypt.s3.amazonaws.com https://www.google.com https://gmail.googleapis.com;" |
Collaborator
There was a problem hiding this comment.
there are a lot of connection errors in console logs because of added strict connect-src rules:
also refresh token requests fail:
contacts search doesn't work too. WKD search won't work, as it requires connection to recipient's domain, which will fail with current connect-src.
we'll probably won't be able to list all used domains in connect-src config, so it'll be better to remove it.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR fixes improper rendering of certain outputs rendered by the browser extension.
close #6229
Tests (delete all except exactly one):
To be filled by reviewers
I have reviewed that this PR... (tick whichever items you personally focused on during this review):