Hi, is there a way to hide the preview when editing a worker, I have to allow cloudflare’s font and let it be framed from the dashboard because it shows a preview when editing and otherwise I get CSP reports.
Its also one of the two reasons why I have to have unsafe-inline in my style src, so I’d like to have one less reason to need to have it.
I believe simply by ignoring the Blocked by Content Security Policy, unless for reasons of extreme numbers of reports costing you via a paid account @, e.g., report-uri.com , is the only way to “hide” it. It’s what I do. There’s no way I’ll allow unsafe-inline in my CSP’s style-src or script-src (the latter being irrelevent to this topic, though relevant to CSP).
Edit: Also another option that at least minimizes the part of the screen in question:
Its not costing me anything, but yeah, its annoying to get CSP reports every time I go to edit my worker since, hence why I frame-ancestor sent to dash.cloudflare.com, and allowing https://*.cloudflareworkers.com to load fonts, along with one of the two reasons why I allow inline styles due to the Cloudflare error page I get (since the worker just injects headers), which causes CSP reports to be sent if I don’t allow them, so I was wondering if there was a way to hide it so I didn’t have to have those overrides.
Even if hiddden, it would still exist. Though there is a way - use uBlock Origin’s Block Element function and pick that entire section.
||xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.cloudflareworkers.com/.edgeworker-fiddle-init-preview/xxxxxxxxxxxxxxxxxxxxxiosprivacy.com/$subdocumentyeah I meant more of hide it as in “a way to disable it” instead of just “hiding it somewhere”, also how would the ublock origin rule work if the url keeps changing due to the random subdomain?
cloudflareworkers.com/.edgeworker-fiddle-init-preview/*example.com/$subdocument
(Attachment publicKey - [email protected] - dbd0a5f5.asc is missing)
I tried that but it doesn’t seem to work.
Try that. As it’s written in my email reply, it wouldn’t work well unless one ensures using the opening pipes.
To confirm - it works for me.
Hm, that works, but even after then hiding the preview too, I still have to expand the editor, plus theres still a gap because it won’t let me expand it fully.
Not perfect, but better than the alternative.
(Attachment publicKey - [email protected] - dbd0a5f5.asc is missing)
Yeah true, also I forgot that I could inject CSS via ublock origin, so I can make the editor full width, tho I wonder if I’ll be accidentally affecting other elements
||cloudflareworkers.com^$subdocument,important
dash.cloudflare.com##.Pane2.vertical.Pane
dash.cloudflare.com##.Pane1.vertical.Pane:style(width: 100% !important)