fix

Zuoqiu-Yingyi · Zuoqiu-Yingyi · commit 4578eee9e396 · 2022-02-26T03:19:39.000+08:00
- 修复使用 `https` 协议时文件校验不通过问题 | Fixed an issue where file validation failed when using the `https` protocol.
- 修复部分资源文件引用路径问题 | Fixed an issue with some resource file reference paths.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,8 @@
 # 更改日志 | CHANGE LOG
 
+- 修复使用 `https` 协议时文件校验不通过问题 | Fixed an issue where file validation failed when using the `https` protocol.
+- 修复部分资源文件引用路径问题 | Fixed an issue with some resource file reference paths.
+
 ## v0.1.0/2022-02-24
 
 - 自动加载块属性 `custom-data-assets` 中设置的资源文件 | The resource file set in the block attribute `custom-data-assets` is automatically loaded.
diff --git a/index.html b/index.html
@@ -236,8 +236,8 @@
 
 			mxscript(drawDevUrl + './js/PreConfig.js');
 			mxscript(drawDevUrl + './js/diagramly/Init.js');
-			mxscript(geBasePath + './Init.js');
-			mxscript(mxBasePath + './mxClient.js');
+			mxscript(geBasePath + '/Init.js');
+			mxscript(mxBasePath + '/mxClient.js');
 
 			// Adds all JS code that depends on mxClient. This indirection via Devel.js is
 			// required in some browsers to make sure mxClient.js (and the files that it
@@ -441,51 +441,51 @@ <h2 id="geStatus">Loading...</h2>
 
 <script type="module">
 	import {
-	getBlockAttrs,
-} from './siyuan/api.js';
-
-async function open() {
-	var urlParams = (() => {
-		var result = new Object();
-		var params = window.location.search.slice(1).split('&');
-		for (var i = 0; i < params.length; i++) {
-			let idx = params[i].indexOf('=');
-			if (idx > 0) {
-				result[params[i].substring(0, idx)] = params[i].substring(idx + 1);
+		getBlockAttrs,
+	} from './siyuan/api.js';
+
+	async function open() {
+		var urlParams = (() => {
+			var result = new Object();
+			var params = window.location.search.slice(1).split('&');
+			for (var i = 0; i < params.length; i++) {
+				let idx = params[i].indexOf('=');
+				if (idx > 0) {
+					result[params[i].substring(0, idx)] = params[i].substring(idx + 1);
+				}
 			}
-		}
-		return result;
-	})();
-	// console.log(urlParams);
-	// console.log(window.location);
+			return result;
+		})();
+		// console.log(urlParams);
+		// console.log(window.location);
 
-	var id = urlParams.id;
+		var id = urlParams.id;
 
-	if (id == null) {
-		let node = window.frameElement != null ? window.frameElement.parentElement.parentElement : null;
-		if (node != null) {
-			id = node.getAttribute('data-node-id');
-			let asset = node.getAttribute('custom-data-assets');
+		if (id == null) {
+			let node = window.frameElement != null ? window.frameElement.parentElement.parentElement : null;
+			if (node != null) {
+				id = node.getAttribute('data-node-id');
+				let asset = node.getAttribute('custom-data-assets');
 
-			let href = `${window.location.origin}${window.location.pathname}?dev=1&id=${id}#U${window.location.origin}/${asset}`;
-			// console.log(href);
-			window.location.href = href;
-		}
-	} else {
-		if (window.location.hash == '') {
-			let data = await getBlockAttrs(id);
-			// console.log(data);
-			let asset = data['custom-data-assets'];
-			if (asset != null) {
 				let href = `${window.location.origin}${window.location.pathname}?dev=1&id=${id}#U${window.location.origin}/${asset}`;
 				// console.log(href);
 				window.location.href = href;
 			}
+		} else {
+			if (window.location.hash == '') {
+				let data = await getBlockAttrs(id);
+				// console.log(data);
+				let asset = data['custom-data-assets'];
+				if (asset != null) {
+					let href = `${window.location.origin}${window.location.pathname}?dev=1&id=${id}#U${window.location.origin}/${asset}`;
+					// console.log(href);
+					window.location.href = href;
+				}
+			}
 		}
 	}
-}
-// console.log(window.location);
-setTimeout(open, 0);
+	// console.log(window.location);
+	setTimeout(open, 0);
 </script>
 
 </html>
diff --git a/js/diagramly/App.js b/js/diagramly/App.js
@@ -643,7 +643,7 @@ App.main = function(callback, createUi)
 			{
 				var content = mxUtils.getTextContent(scripts[0]);
 				
-				if (CryptoJS.MD5(content).toString() != '8445baab47ce600df0a216ded2e4ba30')
+				if (CryptoJS.MD5(content).toString() != '8d30a606a5a4d5fb5186a4989593c4bd')
 				{
 					console.log('Change bootstrap script MD5 in the previous line:', CryptoJS.MD5(content).toString());
 					alert('[Dev] Bootstrap script change requires update of CSP');
diff --git a/js/diagramly/Devel.js b/js/diagramly/Devel.js

Original file line number	Diff line number	Diff line change
`@@ -643,7 +643,7 @@ App.main = function(callback, createUi)`
`643`	`643`	`{`
`644`	`644`	`var content = mxUtils.getTextContent(scripts[0]);`
`645`	`645`
`646`		`- if (CryptoJS.MD5(content).toString() != '8445baab47ce600df0a216ded2e4ba30')`
	`646`	`+ if (CryptoJS.MD5(content).toString() != '8d30a606a5a4d5fb5186a4989593c4bd')`
`647`	`647`	`{`
`648`	`648`	`console.log('Change bootstrap script MD5 in the previous line:', CryptoJS.MD5(content).toString());`
`649`	`649`	`alert('[Dev] Bootstrap script change requires update of CSP');`
-Original file line number
+Diff line change
  * is used for development mode where the JS is in separate
  * files and the mxClient.js loads other files.
  */
 -if (!mxIsElectron && location.protocol !== 'http:')
 -{
 -	(function()
 -	{
 -		var hashes = 'default-src \'self\'; ' +
 -			// storage.googleapis.com is needed for workbox-service-worker
 -			'script-src %script-src% \'self\' https://viewer.diagrams.net https://storage.googleapis.com ' +
 -			'https://apis.google.com https://*.pusher.com ' +
 -			// Below are the SHAs of the two script blocks in index.html.
 -			// These must be updated here and in the CDN after changes.
 -			//----------------------------------------------------------//
 -			//------------- Bootstrap script in index.html -------------//
 -			//----------------------------------------------------------//
 -			// Version 16.4.4
 -			'\'sha256-AVuOIxynOo/05KDLjyp0AoBE+Gt/KE1/vh2pS+yfqes=\' ' +
 -			// Version 15.8.3
 -			'\'sha256-r/ILW7KMSJxeo9EYqCTzZyCT0PZ9gHN1BLgki7vpR+A=\' ' +
 -			// Version 14.6.5
 -			'\'sha256-5DtSB5mj34lxcEf+HFWbBLEF49xxJaKnWGDWa/utwQA=\' ' +
 -			//---------------------------------------------------------//
 -			//------------- App.main script in index.html -------------//
 -			//---------------------------------------------------------//
 -			// Version 13.8.2
 -			'\'sha256-vS/MxlVD7nbY7AnV+0t1Ap338uF7vrcs7y23KjERhKc=\' ' +
 -			//---------------------------------------------------------//
 -			'; ';
 +// if (!mxIsElectron && location.protocol !== 'http:')
 +// {
 +// 	(function()
 +// 	{
 +// 		var hashes = 'default-src \'self\'; ' +
 +// 			// storage.googleapis.com is needed for workbox-service-worker
 +// 			'script-src %script-src% \'self\' https://viewer.diagrams.net https://storage.googleapis.com ' +
 +// 			'https://apis.google.com https://*.pusher.com ' +
 +// 			// Below are the SHAs of the two script blocks in index.html.
 +// 			// These must be updated here and in the CDN after changes.
 +// 			//----------------------------------------------------------//
 +// 			//------------- Bootstrap script in index.html -------------//
 +// 			//----------------------------------------------------------//
 +// 			// Version 16.4.4
 +// 			'\'sha256-AVuOIxynOo/05KDLjyp0AoBE+Gt/KE1/vh2pS+yfqes=\' ' +
 +// 			// Version 15.8.3
 +// 			'\'sha256-r/ILW7KMSJxeo9EYqCTzZyCT0PZ9gHN1BLgki7vpR+A=\' ' +
 +// 			// Version 14.6.5
 +// 			'\'sha256-5DtSB5mj34lxcEf+HFWbBLEF49xxJaKnWGDWa/utwQA=\' ' +
 +// 			//---------------------------------------------------------//
 +// 			//------------- App.main script in index.html -------------//
 +// 			//---------------------------------------------------------//
 +// 			// Version 13.8.2
 +// 			'\'sha256-vS/MxlVD7nbY7AnV+0t1Ap338uF7vrcs7y23KjERhKc=\' ' +
 +// 			//---------------------------------------------------------//
 +// 			'; ';
 -		var styleHashes = '\'sha256-JjkxVHHCCVO0nllPD6hU8bBYSlsikA8TM/o3fhr0bas=\' ' + // index.html
 -			'\'sha256-1F7QEyp3oiW4n2eXlhilLpu+H5Wdj4t90pKtEyK/mFE=\' ' + // Minimal.js/Light
 -			'\'sha256-V8wOMdVocmGIO0DHZHJsKN6viAFJOJRbsJ7UhdJlmng=\' ' + // Minimal.js/Dark
 -			'\'sha256-7kY8ozVqKLIIBwZ24dhdmZkM26PsOlZmEi72RhmZKoM=\' ' + // mxTooltipHandler.js
 -			'\'sha256-01chdey79TzZe4ihnvvUXXI5y8MklIcKH+vzDdQvsuU=\' ' + // Editor.js/mathJaxWebkitCss
 -			'\'sha256-fGbXK7EYpvNRPca81zPnqJHi2y+34KSgAcZv8mhaSzI=\' ' + // MathJax.js
 -			'\'sha256-3hENQqEWUBxdkmJp2kQ2+G0F8NVGzFAVkW5vWDo7ONk=\' ' + // MathJax.js
 -			'\'sha256-Z4u/cxrZPHjN20CIXZHTKr+VlqVxrWG8cbbeC2zmPqI=\' ' + // MathJax.js
 -			'\'sha256-LDMABiyg2T48kuAV9ouqNCSEqf2OkUdlZK9D9CeZHBs=\' ' + // MathJax.js
 -			'\'sha256-XQfwbaSNgLzro3IzkwT0uZLAiBvZzajo0QZx7oW158E=\' ' + // MathJax.js
 -			'\'sha256-++XCePvZXKdegIqkwtbudr16Jx87KFh4t/t7UxsbHpw=\' ' + // MathJax.js
 -			'\'sha256-v9NOL6IswMbY7zpRZjxkYujhuGRVvZtp1c1MfdnToB4=\' ' + // MathJax.js
 -			'\'sha256-5xtuTr9UuyJoTQ76CNLzvSJjS7onwfq73B2rLWCl3aE=\' ' + // MathJax.js
 -			'\'sha256-W21B506Ri8aGW3T87iawssPz71NvvbYZfBfzDbBSArU=\' ' + // MathJax.js
 -			'\'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=\' ' + // spin.min.js
 -			'\'sha256-nzHi23DROym7G011m6y0DyDd9mvQL2hSJ0Gy3g2T/5Q=\' ' + // dropins.js
 -			'\'sha256-76P1PZLzT12kfw2hkrLn5vu/cWZgcOYuSYU3RT3rXKA=\' ' + // gapi
 -			'\'unsafe-hashes\'; '; // Required for hashes for style attribute
 +// 		var styleHashes = '\'sha256-JjkxVHHCCVO0nllPD6hU8bBYSlsikA8TM/o3fhr0bas=\' ' + // index.html
 +// 			'\'sha256-1F7QEyp3oiW4n2eXlhilLpu+H5Wdj4t90pKtEyK/mFE=\' ' + // Minimal.js/Light
 +// 			'\'sha256-V8wOMdVocmGIO0DHZHJsKN6viAFJOJRbsJ7UhdJlmng=\' ' + // Minimal.js/Dark
 +// 			'\'sha256-7kY8ozVqKLIIBwZ24dhdmZkM26PsOlZmEi72RhmZKoM=\' ' + // mxTooltipHandler.js
 +// 			'\'sha256-01chdey79TzZe4ihnvvUXXI5y8MklIcKH+vzDdQvsuU=\' ' + // Editor.js/mathJaxWebkitCss
 +// 			'\'sha256-fGbXK7EYpvNRPca81zPnqJHi2y+34KSgAcZv8mhaSzI=\' ' + // MathJax.js
 +// 			'\'sha256-3hENQqEWUBxdkmJp2kQ2+G0F8NVGzFAVkW5vWDo7ONk=\' ' + // MathJax.js
 +// 			'\'sha256-Z4u/cxrZPHjN20CIXZHTKr+VlqVxrWG8cbbeC2zmPqI=\' ' + // MathJax.js
 +// 			'\'sha256-LDMABiyg2T48kuAV9ouqNCSEqf2OkUdlZK9D9CeZHBs=\' ' + // MathJax.js
 +// 			'\'sha256-XQfwbaSNgLzro3IzkwT0uZLAiBvZzajo0QZx7oW158E=\' ' + // MathJax.js
 +// 			'\'sha256-++XCePvZXKdegIqkwtbudr16Jx87KFh4t/t7UxsbHpw=\' ' + // MathJax.js
 +// 			'\'sha256-v9NOL6IswMbY7zpRZjxkYujhuGRVvZtp1c1MfdnToB4=\' ' + // MathJax.js
 +// 			'\'sha256-5xtuTr9UuyJoTQ76CNLzvSJjS7onwfq73B2rLWCl3aE=\' ' + // MathJax.js
 +// 			'\'sha256-W21B506Ri8aGW3T87iawssPz71NvvbYZfBfzDbBSArU=\' ' + // MathJax.js
 +// 			'\'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=\' ' + // spin.min.js
 +// 			'\'sha256-nzHi23DROym7G011m6y0DyDd9mvQL2hSJ0Gy3g2T/5Q=\' ' + // dropins.js
 +// 			'\'sha256-76P1PZLzT12kfw2hkrLn5vu/cWZgcOYuSYU3RT3rXKA=\' ' + // gapi
 +// 			'\'unsafe-hashes\'; '; // Required for hashes for style attribute
 -		var directives = 'connect-src %connect-src% \'self\' https://*.draw.io https://*.diagrams.net ' +
 -			'https://*.googleapis.com wss://p2p-collab-test.jgraph.workers.dev wss://*.pusher.com https://*.pusher.com ' +
 -			'https://api.github.com https://raw.githubusercontent.com https://gitlab.com ' +
 -			'https://graph.microsoft.com https://*.sharepoint.com  https://*.1drv.com https://api.onedrive.com ' +
 -			'https://dl.dropboxusercontent.com ' +
 -			'https://*.google.com https://fonts.gstatic.com https://fonts.googleapis.com; ' +
 -			// font-src about: is required for MathJax HTML-CSS output with STIX
 -			'img-src * data: blob:; media-src * data:; font-src * about:; ' +
 -			// www.draw.io required for browser data migration to app.diagrams.net and
 -			// viewer.diagrams.net required for iframe embed preview
 -			'frame-src %frame-src% \'self\' https://viewer.diagrams.net https://www.draw.io https://*.google.com; ' +
 -			'style-src %style-src% \'self\'  https://fonts.googleapis.com ' +
 -			// Replaces unsafe-inline style-src with hashes with safe-style-src URL parameter
 -			((urlParams['safe-style-src'] == '1') ? styleHashes : '\'unsafe-inline\'; ') +
 -			'base-uri \'none\';' +
 -			'child-src \'self\';' +
 -			'object-src \'none\';';
 +// 		var directives = 'connect-src %connect-src% \'self\' https://*.draw.io https://*.diagrams.net ' +
 +// 			'https://*.googleapis.com wss://p2p-collab-test.jgraph.workers.dev wss://*.pusher.com https://*.pusher.com ' +
 +// 			'https://api.github.com https://raw.githubusercontent.com https://gitlab.com ' +
 +// 			'https://graph.microsoft.com https://*.sharepoint.com  https://*.1drv.com https://api.onedrive.com ' +
 +// 			'https://dl.dropboxusercontent.com ' +
 +// 			'https://*.google.com https://fonts.gstatic.com https://fonts.googleapis.com; ' +
 +// 			// font-src about: is required for MathJax HTML-CSS output with STIX
 +// 			'img-src * data: blob:; media-src * data:; font-src * about:; ' +
 +// 			// www.draw.io required for browser data migration to app.diagrams.net and
 +// 			// viewer.diagrams.net required for iframe embed preview
 +// 			'frame-src %frame-src% \'self\' https://viewer.diagrams.net https://www.draw.io https://*.google.com; ' +
 +// 			'style-src %style-src% \'self\'  https://fonts.googleapis.com ' +
 +// 			// Replaces unsafe-inline style-src with hashes with safe-style-src URL parameter
 +// 			((urlParams['safe-style-src'] == '1') ? styleHashes : '\'unsafe-inline\'; ') +
 +// 			'base-uri \'none\';' +
 +// 			'child-src \'self\';' +
 +// 			'object-src \'none\';';
 -		var csp = hashes + directives;
 -		var devCsp = csp.
 -			// Adds script tags and loads shapes with eval
 -			replace(/%script-src%/g, 'https://www.dropbox.com https://api.trello.com https://devhost.jgraph.com \'unsafe-eval\'').
 -			// Adds Trello and Dropbox backend storage
 -			replace(/%connect-src%/g, 'https://*.dropboxapi.com https://trello.com https://api.trello.com').
 -			// Loads common.css from mxgraph
 -			replace(/%style-src%/g, 'https://devhost.jgraph.com').
 -			replace(/%frame-src%/g, '').
 -			replace(/  /g, ' ');
 +// 		var csp = hashes + directives;
 +// 		var devCsp = csp.
 +// 			// Adds script tags and loads shapes with eval
 +// 			replace(/%script-src%/g, 'https://www.dropbox.com https://api.trello.com https://devhost.jgraph.com \'unsafe-eval\'').
 +// 			// Adds Trello and Dropbox backend storage
 +// 			replace(/%connect-src%/g, 'https://*.dropboxapi.com https://trello.com https://api.trello.com').
 +// 			// Loads common.css from mxgraph
 +// 			replace(/%style-src%/g, 'https://devhost.jgraph.com').
 +// 			replace(/%frame-src%/g, '').
 +// 			replace(/  /g, ' ');
 -		mxmeta(null, devCsp, 'Content-Security-Policy');
 +// 		mxmeta(null, devCsp, 'Content-Security-Policy');
 -		if (urlParams['print-csp'] == '1')
 -		{
 -			console.log('Content-Security-Policy');
 -			var app_diagrams_net = csp.replace(/%script-src%/g, 'https://www.dropbox.com https://api.trello.com').
 -				replace(/%connect-src%/g, 'https://*.dropboxapi.com https://api.trello.com').
 -				replace(/%frame-src%/g, '').
 -					replace(/%style-src%/g, '').
 -					replace(/  /g, ' ') + ' frame-ancestors \'self\' https://teams.microsoft.com;';
 -			console.log('app.diagrams.net:', app_diagrams_net);
 +// 		if (urlParams['print-csp'] == '1')
 +// 		{
 +// 			console.log('Content-Security-Policy');
 +// 			var app_diagrams_net = csp.replace(/%script-src%/g, 'https://www.dropbox.com https://api.trello.com').
 +// 				replace(/%connect-src%/g, 'https://*.dropboxapi.com https://api.trello.com').
 +// 				replace(/%frame-src%/g, '').
 +// 					replace(/%style-src%/g, '').
 +// 					replace(/  /g, ' ') + ' frame-ancestors \'self\' https://teams.microsoft.com;';
 +// 			console.log('app.diagrams.net:', app_diagrams_net);
 -			var se_diagrams_net = hashes.replace(/%script-src%/g, '') +
 -				'connect-src \'self\' https://*.diagrams.net ' +
 -				'https://*.googleapis.com wss://*.pusher.com https://*.pusher.com ' +
 -				'https://*.google.com https://fonts.gstatic.com https://fonts.googleapis.com; ' +
 -				'img-src * data: blob:; media-src * data:; font-src * about:; ' +
 -				'frame-src \'self\' https://viewer.diagrams.net https://*.google.com; ' +
 -				'style-src \'self\' https://fonts.googleapis.com ' + styleHashes + ' ' +
 -				'object-src \'none\';' +
 -				'frame-src \'none\';' +
 -				'worker-src https://se.diagrams.net/service-worker.js;'
 -			console.log('se.diagrams.net:', se_diagrams_net);
 +// 			var se_diagrams_net = hashes.replace(/%script-src%/g, '') +
 +// 				'connect-src \'self\' https://*.diagrams.net ' +
 +// 				'https://*.googleapis.com wss://*.pusher.com https://*.pusher.com ' +
 +// 				'https://*.google.com https://fonts.gstatic.com https://fonts.googleapis.com; ' +
 +// 				'img-src * data: blob:; media-src * data:; font-src * about:; ' +
 +// 				'frame-src \'self\' https://viewer.diagrams.net https://*.google.com; ' +
 +// 				'style-src \'self\' https://fonts.googleapis.com ' + styleHashes + ' ' +
 +// 				'object-src \'none\';' +
 +// 				'frame-src \'none\';' +
 +// 				'worker-src https://se.diagrams.net/service-worker.js;'
 +// 			console.log('se.diagrams.net:', se_diagrams_net);
 -			// TODO remove https://ajax.googleapis.com April 2022. It's old jquery domain
 -			var ac_draw_io = csp.replace(/%script-src%/g, 'https://aui-cdn.atlassian.com https://connect-cdn.atl-paas.net https://ajax.googleapis.com https://cdnjs.cloudflare.com').
 -					replace(/%frame-src%/g, 'https://www.lucidchart.com https://app.lucidchart.com https://lucid.app blob:').
 -					replace(/%style-src%/g, 'https://aui-cdn.atlassian.com https://*.atlassian.net').
 -					replace(/%connect-src%/g, '').
 -					replace(/  /g, ' ');
 -			console.log('ac.draw.io:', ac_draw_io);
 +// 			// TODO remove https://ajax.googleapis.com April 2022. It's old jquery domain
 +// 			var ac_draw_io = csp.replace(/%script-src%/g, 'https://aui-cdn.atlassian.com https://connect-cdn.atl-paas.net https://ajax.googleapis.com https://cdnjs.cloudflare.com').
 +// 					replace(/%frame-src%/g, 'https://www.lucidchart.com https://app.lucidchart.com https://lucid.app blob:').
 +// 					replace(/%style-src%/g, 'https://aui-cdn.atlassian.com https://*.atlassian.net').
 +// 					replace(/%connect-src%/g, '').
 +// 					replace(/  /g, ' ');
 +// 			console.log('ac.draw.io:', ac_draw_io);
 -			var aj_draw_io = csp.replace(/%script-src%/g, 'https://connect-cdn.atl-paas.net').
 -					replace(/%frame-src%/g, 'blob:').
 -					replace(/%style-src%/g, 'https://aui-cdn.atlassian.com https://*.atlassian.net').
 -					replace(/%connect-src%/g, 'https://api.atlassian.com https://api.media.atlassian.com').
 -					replace(/  /g, ' ');
 -			console.log('aj.draw.io:', aj_draw_io);
 +// 			var aj_draw_io = csp.replace(/%script-src%/g, 'https://connect-cdn.atl-paas.net').
 +// 					replace(/%frame-src%/g, 'blob:').
 +// 					replace(/%style-src%/g, 'https://aui-cdn.atlassian.com https://*.atlassian.net').
 +// 					replace(/%connect-src%/g, 'https://api.atlassian.com https://api.media.atlassian.com').
 +// 					replace(/  /g, ' ');
 +// 			console.log('aj.draw.io:', aj_draw_io);
 -			console.log('import.diagrams.net:', 'default-src \'self\'; worker-src blob:; img-src \'self\' blob: data: https://www.lucidchart.com ' +
 -					'https://app.lucidchart.com https://lucid.app; style-src \'self\' \'unsafe-inline\'; frame-src https://www.lucidchart.com https://app.lucidchart.com https://lucid.app;');
 -			console.log('Development:', devCsp);
 +// 			console.log('import.diagrams.net:', 'default-src \'self\'; worker-src blob:; img-src \'self\' blob: data: https://www.lucidchart.com ' +
 +// 					'https://app.lucidchart.com https://lucid.app; style-src \'self\' \'unsafe-inline\'; frame-src https://www.lucidchart.com https://app.lucidchart.com https://lucid.app;');
 +// 			console.log('Development:', devCsp);
 -			console.log('Header Worker:', 'let securityHeaders =', JSON.stringify({
 -				online: {
 -					"Content-Security-Policy" : app_diagrams_net,
 -					"Permissions-Policy" : "microphone=()"
 -				},
 -				se: {
 -					"Content-Security-Policy" : se_diagrams_net,
 -					"Permissions-Policy" : "microphone=()",
 -					"Access-Control-Allow-Origin": "https://se.diagrams.net"
 -				},
 -				teams: {
 -					"Content-Security-Policy" : app_diagrams_net.replace(/ 'sha256-[^']+'/g, ''),
 -					"Permissions-Policy" : "microphone=()"
 -				},
 -				jira: {
 -					"Content-Security-Policy" : aj_draw_io,
 -					"Permissions-Policy" : "microphone=()"
 -				},
 -				conf: {
 -					"Content-Security-Policy" : ac_draw_io,
 -					"Permissions-Policy" : "microphone=()"
 -				}
 -			}, null, 4));
 -		}
 -	})();
 -}
 +// 			console.log('Header Worker:', 'let securityHeaders =', JSON.stringify({
 +// 				online: {
 +// 					"Content-Security-Policy" : app_diagrams_net,
 +// 					"Permissions-Policy" : "microphone=()"
 +// 				},
 +// 				se: {
 +// 					"Content-Security-Policy" : se_diagrams_net,
 +// 					"Permissions-Policy" : "microphone=()",
 +// 					"Access-Control-Allow-Origin": "https://se.diagrams.net"
 +// 				},
 +// 				teams: {
 +// 					"Content-Security-Policy" : app_diagrams_net.replace(/ 'sha256-[^']+'/g, ''),
 +// 					"Permissions-Policy" : "microphone=()"
 +// 				},
 +// 				jira: {
 +// 					"Content-Security-Policy" : aj_draw_io,
 +// 					"Permissions-Policy" : "microphone=()"
 +// 				},
 +// 				conf: {
 +// 					"Content-Security-Policy" : ac_draw_io,
 +// 					"Permissions-Policy" : "microphone=()"
 +// 				}
 +// 			}, null, 4));
 +// 		}
 +// 	})();
 +// }
 mxscript(drawDevUrl + 'js/cryptojs/aes.min.js');
 mxscript(drawDevUrl + 'js/spin/spin.min.js');
 	mxscript(drawDevUrl + 'js/orgchart/bridge.collections.min.js');
 	mxscript(drawDevUrl + 'js/orgchart/OrgChart.Layout.min.js');
 	mxscript(drawDevUrl + 'js/orgchart/mxOrgChartLayout.js');
 -}
 +}