KitCAD i3 rX with CSP enabled

To enable CSP (Content Security Policy) on KitCAD i3 rX at https://www.kitchenpages.com.au/ use the following CSP header example:

<meta http-equiv="Content-Security-Policy" content="base-uri 'none';default-src https://www.kitchenpages.com.au/ 'unsafe-inline' 'unsafe-eval' data: https://www.kitchenpages.com.au/ blob:; script-src-attr 'unsafe-inline'; script-src-elem 'unsafe-inline' 'unsafe-eval' https://www.kitchenpages.com.au/; script-src 'unsafe-inline' 'unsafe-eval' 'nonce-/IbgrYHFm30YHjFtkVNs2/AyJDI=' 'nonce-irksmjoZ4KFIzWLf5L5JqKkABN8=' 'nonce-ByyasUTa1oxWKG2tlzUy1zrnZFQ=' 'nonce-Biphe98QuUWVmOoH80ICDM0iozU=' https://www.kitchenpages.com.au/ 'strict-dynamic'; style-src 'unsafe-inline'">

The CSP example above is written as an HTML meta tag; advanced end users can instead send it as an HTTP response header from the web server (recommended).
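How a browser that implements CSP Level 3 resolves the policy above, as an added example that is not part of the KitCAD archive or the original post: for each kind of script it picks the governing directive through the fallback chain, then discards the keywords the specification says are ignored. The function names are hypothetical; the policy string is the one from the meta tag.

```python
# Added example (not from the KitCAD archive); parse/effective/audit are hypothetical names.
POLICY = (  # policy string copied from the meta tag above
    "base-uri 'none';default-src https://www.kitchenpages.com.au/ 'unsafe-inline' 'unsafe-eval' "
    "data: https://www.kitchenpages.com.au/ blob:; script-src-attr 'unsafe-inline'; "
    "script-src-elem 'unsafe-inline' 'unsafe-eval' https://www.kitchenpages.com.au/; "
    "script-src 'unsafe-inline' 'unsafe-eval' 'nonce-/IbgrYHFm30YHjFtkVNs2/AyJDI=' "
    "'nonce-irksmjoZ4KFIzWLf5L5JqKkABN8=' 'nonce-ByyasUTa1oxWKG2tlzUy1zrnZFQ=' "
    "'nonce-Biphe98QuUWVmOoH80ICDM0iozU=' https://www.kitchenpages.com.au/ 'strict-dynamic'; "
    "style-src 'unsafe-inline'"
)
CHAINS = {  # CSP Level 3 fallback order for each script-like check
    "script element": ("script-src-elem", "script-src", "default-src"),
    "inline handler": ("script-src-attr", "script-src", "default-src"),
    "eval": ("script-src", "default-src"),
}

def parse(policy):
    """Serialized policy -> {directive: [sources]}; a repeated directive is ignored."""
    out = {}
    for tokens in filter(None, (part.split() for part in policy.split(";"))):
        out.setdefault(tokens[0].lower(), tokens[1:])
    return out

def effective(sources):
    """Remove the source expressions a browser ignores in this list."""
    low = [s.lower() for s in sources]
    strict = "'strict-dynamic'" in low
    pinned = strict or any(s.startswith(("'nonce-", "'sha256-", "'sha384-", "'sha512-")) for s in low)
    kept = []
    for src, l in zip(sources, low):
        if l == "'unsafe-inline'" and pinned:
            continue  # ignored once a nonce, hash or 'strict-dynamic' is present
        if strict and (l == "'self'" or not l.startswith("'")):
            continue  # host, scheme and 'self' sources are ignored under 'strict-dynamic'
        kept.append(src)
    return kept

def audit(policy):
    """For each script kind: the governing directive and what its list still allows."""
    directives, report = parse(policy), {}
    for kind, chain in CHAINS.items():
        name = next((d for d in chain if d in directives), None)
        eff = effective(directives.get(name, []))
        report[kind] = {"directive": name, "unsafe_inline": "'unsafe-inline'" in eff,
                        "unsafe_eval": "'unsafe-eval'" in eff,
                        "nonces": sum(s.startswith("'nonce-") for s in eff)}
    return report

if __name__ == "__main__":
    print(audit(POLICY))
```

On this policy the report shows `<script>` elements governed by `script-src-elem`, which carries no nonce, so the nonces and 'strict-dynamic' in `script-src` are not consulted for them. With `script-src-elem` removed, `script-src` becomes the governing directive and its 'unsafe-inline' is ignored in favour of the nonces.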

View the page source of https://www.kitchenpages.com.au/www.kitchenpages.com/library/i3/rX2022csp for the scripting/HTML changes.

The page above is generated by a PHP file: download KitCADi3KGCrX2022CSP.zip and extract it to the i3 folder. The rX2022csp.php file needs some manual editing to change the domain name https://www.kitchenpages.com.au/ in the CSP header line.

The following code example can be inserted into the .htaccess file to allow the rX2022csp URL to work without the .php file extension.

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} /rX2022csp$
RewriteRule ^/?.*$ /library/i3/rX2022csp.php [L]
</IfModule>

3 Responses to “KitCAD i3 rX with CSP enabled”

  1. Admin Says:

    Added more files to archive that would require a script element attribute of nonce.

  2. Admin Says:


    Google Chrome page load issue, this locks the browser into a state which runs over and over…

  3. Admin Says:

    To fix the page load issue – Renamed rX2022csp.php to rX2022cspnew.php; Replaced rX2022csp.php with the original rX page content.
