I am trying to embed google sheet in a simple HTML page.
I am following the instruction from:
https://support.google.com/docs/answer/183965?hl=en&co=GENIE.Platform%3DDesktop
I get the following in the console
Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-ktarjbJmNtF8IylbwgjSQoKrcQSdXJkqf60bj4nusHA='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback
In the browser I get the following
Cannot GET /undefined
I am embedding the google sheet provided URL in a div like the following
<div class="text-center section-heading" style="margin-top: 80px;">
<iframe src="https://docs.google.com/spreadsheets/d/e/2PACX-1vTuYr0tEiCqzkPHDgAEMxbUFfYAGI-XADsjCCC05dHuSU-5foLqR9CTHjjq-Xgh-O6SnM4ukIuKMywK/pubhtml?widget=true&headers=false"></iframe>
</div>
Embedding the HTML obtained from sheets as part of your web site is being added as an inline resource, you could migrate the inline resource to a JavaScript/style file instead.
This is due to Content-Security-Policy blocks all inline resources.
Related
I found next code fragment on the Rollup api page.
If I would be using iife instead of amd.
How would Rollup define this in the bundle?
Or would it expect a preceding <script> tag containing that external code? If the latter would be true: Is there a way to produce a bundle with JS code which dynamically loads JS files through absolute URLs?
Try it. You'll see it generates code like this:
(function (d3) {
'use strict';
d3.selectAll('p').style('color', 'purple');
}(d3));
In other words yes, it expects there to be a <script> tag on the page that defines d3.
Is there a way to produce a bundle with JS code which dynamically loads JS files through absolute URLs?
That's exactly what the amd output is. You just need to have an AMD module loader such as require.js or curl.js on the page.
I use asp.net core 1.1.0. Main site published on a domain for example: site.com and all static files like css and js placed on a subdomain name static.site.com.
When use ScriptTagHelper as following, i expected that according to usage of asp-append-version attribute, version number append to js src but this not occur.
<script asp-append-version="true" src="http://static.site.com/js/site.js"></script>
I expected Something like this after rendered page
<script src="http://static.site.com/js/site.js?v=aNhFqVVmQXye2UDIUacX63ZaYbHi3fiDjhBhTA2aCCo"></script>
But result is:
<script src="http://static.site.com/js/site.js"></script>
The ScriptTagHelper does not append versions on files that are referenced via an absolute URI path. Here's the code responsible.
I have an angular2 app running on top of .NET project. We access the app at http://example.com/index/app.
But immediately after the angular2 app starts running and appearing, our URL is rewrited in the browser as: http://example.com/#/dashboard for example.
Trying to go directly to http://example.com/index/app/#/dashboard redirects or more precisely rewrite our url to http://example.com/#/dashboard an displays the app.
How can I prevent this behavior to constantly have the full URI? http://example.com/index/app/#/dashboard Angular2 part being only the after # one.
Your base path is wrong. You have to add
<base href="~/index/app" />
to your html (index.html, index.cshtml, or _Layout.cshtml, depending on the way you have done it) document. Remove the ~ if you are not using Razor views.
Update based on comments
You'll have to define a section within your _Layout.cshtml which will render it on a per view basis.
in _Layout.cshtml:
<head>
...
#RenderSection("base", required: false)
</head>
in your Views/Index/App.cshtml:
#section base {
<base href="~/index/app"/>
}
Im trying to add rel='nofollow' to the script tag for javascript. The purpose is to tell bots not to follow the link within the script tag. However, I am not sure how to do it.
The closest I got was putting it like this:
%script{rel='nofollow', type='text/javascript'}
:cdata
$.ajax({url: '/onepiece'});
But this throws a Uncaught SyntaxError: Unexpected token < error, because
<script rel="nofollow" type="text/javascript">
<![CDATA[
is rendered. I think what should be rendered should be
<script rel="nofollow" type="text/javascript">
//<![CDATA[
Is there another way to do this using haml?
In HTML5 the nofollow keyword can only be applied to a and area elements. (Source: W3C recommendation on html5 links). Also, there is no rel attribute for script elements.
If the page you are looking to block is inside your domain, I'd suggest doing that in robots.txt which should stop most bots from crawling the page.
Hope that helps!
So the title is the question.. I have a fragment like
<nav class="navbar navbar-inverse navbar-fixed-top" role="navigation" th:fragment="header">
<div class="container-fluid">
<div class="navbar-header">
<a class="navbar-brand" href="#">My Shop</a>
So when i open this file in a browser, the static content (e.g. My Shop) will be displayed.
On the main html file where i import this part, i just want to use a simple th:replace tag like this:
<div th:replace="fragments :: header"></div>
So, at runtime, everything works fine. But when i want to use this file also for prototyping, opening the file directly in a browser, the contents of the file (static text like "My Shop") will not be displayed, since this file does not know anything about the fragment. Is there any way of achieving this, without rewriting all the contents also in the main html?
I can imagine sth like this:
<div th:replace="fragments :: header" th:fragment-file="fragment.html"></div>
According to Thymeleaf doc (http://www.thymeleaf.org/doc/layouts.html)
When a Thymeleaf template is used as a static prototype, we cannot see
the fragments we are including using the th:include/th:replace host
tags. We can only see the fragments aside, opening their own template
documents.
However, there is a way to see the real fragments included into our
pages while prototyping. This can be done using Thymol
(http://www.thymoljs.org/), an unofficial JavaScript library that is
an implementation of Thymeleaf’s standard fragment inclusion
functionality, providing static support for some Thymeleaf attributes
like th:include or th:replace, conditional display with
th:if/th:unless, etc.
You could also use a template alias (using resolver.addTemplateAlias("template", "folder/template"))