fix(csp): add commodity variant to CSP and fix iframe variant navigation (#1506)

Browse Source

* fix(csp): add commodity variant to CSP and fix iframe variant navigation

- Add commodity.worldmonitor.app to frame-src and frame-ancestors in
  vercel.json and index.html CSP — was missing while all other variants
  were listed
- Open variant links in new tab when app runs inside an iframe to prevent
  sandbox navigation errors ("This content is blocked")
- Add allow-popups and allow-popups-to-escape-sandbox to pro page iframe
  sandbox attribute

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(csp): add missing variant subdomains to tauri.conf.json frame-src

Sync tauri.conf.json CSP with index.html and vercel.json by adding
finance, commodity, and happy worldmonitor.app subdomains to frame-src.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs: add PR screenshots for CSP fix

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Elie Habib <elie.habib@gmail.com>

...

This commit is contained in:

Nicolas Dos Santos

2026-03-12 14:12:27 -07:00

committed by GitHub

parent 0ef37d353a

commit 59cd313e16

10 changed files with 20 additions and 19 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

BIN

.github/pr-assets/pro-iframe-section.png vendored Normal file

Binary file not shown.

Side by Side After Width:  |  Height:  |  Size: 58 KiB

BIN

.github/pr-assets/pro-landing.png vendored Normal file

Binary file not shown.

Side by Side After Width:  |  Height:  |  Size: 202 KiB

BIN

.github/pr-assets/world-variant.png vendored Normal file

Binary file not shown.

Side by Side After Width:  |  Height:  |  Size: 504 KiB