Yes, unchecking that setting is not recommended. CSP - content security policy - is on by default for very good reasons. If you need to whitelist some scripts that would normally be flagged by CSP, you can add them to the content_security_policy_script_src setting on your site and they would then work without issue. You can read
if you want to learn more about this.
Doesn’t that setting come unchecked by default?
No, that setting has been on by default for a while now.
Weird, our site didn’t even exist in Jan but our default is not checked
Thanks Joe,
I white listed scripts for twitter time line, It works now with CSP option checked.
Is it possible to change background color of twitter time line to match with the forum background ?
Not easily because it’s in an iFrame so you can’t just add CSS but there are various suggestions on stackexchange, but not sure which work, for example
html - Styling a Twitter feed - CSS won't target .timeline-Tweet-text - Stack Overflow.
Because of lazy loading (sorry if this isn’t the correct term) on discourse, I think any js solution will require
<script type="text/discourse-plugin" version="0.8">
api.onPageChange(() => {
Do Stuff Here
});
</script>
你好,
在将 Twitter 侧边栏安装到生产环境后,我们遇到了问题:仪表盘无法加载“注册”或任何单独的报告,它一直加载但从未完成。Discourse 版本为 2.4.1,最近已升级。当我移除 Twitter 侧边栏组件后,一切正常。请问这可能是什么原因?
谢谢
我的安全策略设置和您一样。奇怪的是,当我移除 Twitter 侧边栏后,报告功能就开始正常工作了。
抱歉,我完全不知道如何处理涉及站点报告冲突的问题排查。
错误是 TypeError: document.getElementById(…) 为 null
看起来 #sidebar div 并非在每个页面上都插入?
可以通过正确检查元素是否为 null 来修复此问题。
api.onPageChange(() => {
if (Discourse.User.current() !== null) {
var sb = document.getElementById("sidebar")
if (sb) {
sb.style.display = "block";
}
}
});
api.onPageChange(() => {
var is_iPad = navigator.userAgent.match(/iPad/i) != null;
if(is_iPad) {
var sb = document.getElementById("sidebar")
if (sb) {
sb.style.display = "none";
}
}
});
有人能帮我嵌入 Twitter 动态流吗?就像侧边栏那样。
我完全支持这个想法。有人成功帮助社区戒除对 Twitter 的依赖吗?