sprites.png is queried from blockly-demo.appspot.com instead of from JupyterLab server/a common CDN #102
Comments
|
Thanks for opening this issue, @Phoenix616. Sorry for the delayed response. Hm, this is a weird behaviour. We are not importing or loading any buttons or trashcan individually. In this extension, we are initializing the workspace and the trashcan automatically gets added to it. These would be the relevant pieces of code: jupyterlab-blockly/packages/blockly/src/layout.ts Lines 219 to 222 in a821459 This behaviour seems to not come from the extension itself, unless the setup for the workspace has changed and we need to update it. Just to clarify, on top of the trashcan, what other blockly buttons are you referring to? Also, from your debugging, was this something coming from the extension? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Right now the sprite which includes the buttons and the trash can seems to be queried from the blockly demo server as seen in the dev console:
This seems strange as a) it's a file from the blockly demo setup and not some CDN meant to be used like that, and b) leaks (potentially personally identifiable) user data to a third party in a way that most wont realise. (not even admins which would be required to mention this in their privacy statements or even allow that domain in their firewall)
I've even seen the trashcan icon break completely in certain privacy-minded browser setups that block requests to resources on third party domains.
I'm unsure if this is something one can adjust in the setup or if it needs to be changed/can be changed in the jupyterlab-blockly code or even needs to be done in blockly itself but sinceI noticed this being an issue in a Jupyterlab setup I thought the best start to bring up the issue would be here.
The text was updated successfully, but these errors were encountered: