-
-
Notifications
You must be signed in to change notification settings - Fork 6.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(plugin-legacy): avoid executing blank dynamic import #4767
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you remove the additional CSP hash and the references to it please?
Additional hash is for the |
Oh woops... for some reason I thought that empty string was one of the hashes. My mistake... |
Thanks @nulladdict, great that this fixes the issue and we don't have to do something hackier. Any reason the PR is a draft? |
Yes, I wanted to check everything once more, and I found a problem. The new banner code is completely gone from the modern bundle. It's probably optimized away by the rollup as "dead code", since the expression doesn't do anything and has no observable side effects. I tried change around the way code looks, but couldn’t make the code stay. One thing that worked is naming the function and exporting it, but that still doesn’t feel right. I know rollup has |
Oh... fun 😄
We could |
Importing `data:` uri doesn't pass strict CSP Export `__vite_legacy_guard` to keep rollup from removing it Closes #4568
I searched around a bit for other ways of preserving unused code, but haven't found any good alternatives. I'm not sure how safe it is to go the |
Hm, this actually breaks the SSR build -- $ vite build --ssr src/entry-server.ts --outDir dist/ssr
~/dist/ssr/entry-server.js:36
export function __vite_legacy_guard() {
^^^^^^
SyntaxError: Unexpected token 'export'
at wrapSafe (internal/modules/cjs/loader.js:984:16)
at Module._compile (internal/modules/cjs/loader.js:1032:27)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:1097:10)
at Module.load (internal/modules/cjs/loader.js:933:32)
at Function.Module._load (internal/modules/cjs/loader.js:774:14)
at Module.require (internal/modules/cjs/loader.js:957:19)
at require (internal/modules/cjs/helpers.js:88:18)
at Module._compile (internal/modules/cjs/loader.js:1068:30) |
But this was added only to the modern esmodule. Why is this present in entry-server.js? @tjk could you create a new issue for this? PR ideas are welcome, we can revert if not until we better understand the issue. |
@patak-js #4818 |
Description
Fix for CSP issue described in #4568
Additional context
What is the purpose of this pull request?
Before submitting the PR, please make sure you do the following
fixes #123
).