Set Content-Security-Policy in Gatsby to allow loading content in Storybook #778
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This change: (check at least one)
Is this a breaking change? (check one)
Is the: (complete all)
What does this change address?
When updating to Gatsby 5 we inadvertently broke some storybook pages. It will no longer load any content for the stories, returning a 404 with an error like
Refused to display 'https://pharos.jstor.org/' in a frame because it set 'X-Frame-Options' to 'deny'.
How does this change work?
Sets the
Content-Security-Policy
ofpharos.jstor.org
to all content from any jstor page. It appears that in Gatsby 5 Netlify automatically injects it's adapter, which sets the headers to deny. (thread, documentation)Additional context
I used this documentation to create the header value, but I'm not overly familiar with this header, so let me know if there is a better option!