From: Carsten Schoenert <c.schoenert@t-online.de>
Date: Mon, 26 Jul 2021 09:54:00 +0200
Subject: Sideloading: Don't link to external resources
Upstream sideloads the required CSS and JS files from an external CDN,
which we want to avoid for several reasons.
Use the Django STATICFILES_DIRS setting to provide the files in question.
https://docs.djangoproject.com/en/3.1/ref/settings/#std:setting-STATICFILES_DIRS
Forwarded: not-needed
---
graphene_django/templates/graphene/graphiql.html | 40 +++++++++++++++++-------
1 file changed, 28 insertions(+), 12 deletions(-)
diff --git a/graphene_django/templates/graphene/graphiql.html b/graphene_django/templates/graphene/graphiql.html
index cec4893..c4e92f1 100644
--- a/graphene_django/templates/graphene/graphiql.html
+++ b/graphene_django/templates/graphene/graphiql.html
@@ -17,25 +17,41 @@ add "&raw" to the end of the URL within a browser.
width: 100%;
}
</style>
- <link href="https://cdn.jsdelivr.net/npm/graphiql@{{graphiql_version}}/graphiql.min.css"
+<!-- !!! Some Debian specific modification !!!
+Don't sideload the additional required static files for various reasons.
+ 1. This might become a privacy problem, even if some hash ID is used to
+ ensure the defined version is delivered.
+ 2. There are systems that don't allow sideloading, like closed network
+ environments.
+Instead use {%static} to add the required files to the STATICFILES_DIR
+environment.
+https://docs.djangoproject.com/en/3.1/ref/settings/#std:setting-STATICFILES_DIRS
+-->
+ <link rel="stylesheet" href="{% static 'graphene_django/graphiql.min.css' %}">
+<!-- <link href="https://cdn.jsdelivr.net/npm/graphiql@{{graphiql_version}}/graphiql.min.css"
integrity="{{graphiql_css_sri}}"
rel="stylesheet"
- crossorigin="anonymous" />
- <script src="https://cdn.jsdelivr.net/npm/whatwg-fetch@{{whatwg_fetch_version}}/dist/fetch.umd.js"
+ crossorigin="anonymous" /> -->
+ <script src="{% static 'graphene_django/fetch.umd.js' %}"></script>
+<!-- <script src="https://cdn.jsdelivr.net/npm/whatwg-fetch@{{whatwg_fetch_version}}/dist/fetch.umd.js"
integrity="{{whatwg_fetch_sri}}"
- crossorigin="anonymous"></script>
- <script src="https://cdn.jsdelivr.net/npm/react@{{react_version}}/umd/react.production.min.js"
+ crossorigin="anonymous"></script> -->
+ <script src="{% static 'graphene_django/react.production.min.js' %}"></script>
+<!-- <script src="https://cdn.jsdelivr.net/npm/react@{{react_version}}/umd/react.production.min.js"
integrity="{{react_sri}}"
- crossorigin="anonymous"></script>
- <script src="https://cdn.jsdelivr.net/npm/react-dom@{{react_version}}/umd/react-dom.production.min.js"
+ crossorigin="anonymous"></script> -->
+ <script src="{% static 'graphene_django/react-dom.production.min.js' %}"></script>
+<!-- <script src="https://cdn.jsdelivr.net/npm/react-dom@{{react_version}}/umd/react-dom.production.min.js"
integrity="{{react_dom_sri}}"
- crossorigin="anonymous"></script>
- <script src="https://cdn.jsdelivr.net/npm/graphiql@{{graphiql_version}}/graphiql.min.js"
+ crossorigin="anonymous"></script> -->
+ <script src="{% static 'graphene_django/graphiql.min.js' %}"></script>
+<!-- <script src="https://cdn.jsdelivr.net/npm/graphiql@{{graphiql_version}}/graphiql.min.js"
integrity="{{graphiql_sri}}"
- crossorigin="anonymous"></script>
- <script src="https://cdn.jsdelivr.net/npm/subscriptions-transport-ws@{{subscriptions_transport_ws_version}}/browser/client.js"
+ crossorigin="anonymous"></script> -->
+ <script src="{% static 'graphene_django/client.js' %}"></script>
+<!-- <script src="https://cdn.jsdelivr.net/npm/subscriptions-transport-ws@{{subscriptions_transport_ws_version}}/browser/client.js"
integrity="{{subscriptions_transport_ws_sri}}"
- crossorigin="anonymous"></script>
+ crossorigin="anonymous"></script> -->
</head>
<body>
<div id="editor"></div>
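Review bot: The six retired CDN tags (the `<!-- <link …` and `<!-- <script …` blocks) are only HTML-commented, so Django still expands `{{graphiql_version}}`, `{{react_sri}}` and the other variables inside them, and every rendered page carries the dead jsdelivr URLs. Wrap each block in `{% comment %}` … `{% endcomment %}`, or drop the blocks, since the patch itself already records the upstream lines. The new `{% static 'graphene_django/…' %}` paths carry no version, so the locally shipped files are no longer tied to the `*_version` values used by the removed URLs; a short comment naming the expected version beside each tag would make stale copies easier to spot. `{% static %}` also depends on a `{% load static %}` earlier in the template, which lies outside this hunk and should be confirmed.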