fix: add file+.vscode-resource.vscode-cdn.net to CSP for portable VS Code support #5951
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![roomote[bot]](https://avatars.githubusercontent.com/in/1546624?s=60&v=4){kind=small}
…Code support - Added file+.vscode-resource.vscode-cdn.net protocol to connect-src and media-src directives - This fixes audio playback and API requests in portable VS Code environments - Updated tests to verify the CSP includes the necessary protocols Fixes #5949
dosubot
bot
added
size:S
hannesrudolph
added
the
Issue/PR - Triage
|
Update: standalone non-portable installation of VS code works. But I still see these warning just before the session started. Could be same or related issue. |
hannesrudolph
added
PR - Needs Preliminary Review
and removed
Issue/PR - Triage
|
It seems that this PR doesn't fix the problem, the issue itself needs proper scoping considering it only seems to affect the portable VScode: https://code.visualstudio.com/docs/editor/portable |
github-project-automation
bot
moved this from PR [Needs Prelim Review]
to Done
in Roo Code Roadmap
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR fixes issue #5949 where Roo Code hangs in portable VS Code environments due to Content Security Policy (CSP) violations.
Problem
When using Roo Code in a portable VS Code installation, the extension fails to:
file+.vscode-resource.vscode-cdn.netprotocolSolution
Added
file+.vscode-resource.vscode-cdn.net:to the CSP directives:connect-srcto allow API requestsmedia-srcto allow audio file playbackChanges
src/core/webview/ClineProvider.tsfor both production and HMR buildssrc/core/webview/__tests__/ClineProvider.spec.tsto verify the CSP includes the necessary protocolsTesting
Fixes #5949
Important
Fixes CSP violations in portable VS Code by adding
file+.vscode-resource.vscode-cdn.net:to CSP directives inClineProvider.ts.file+.vscode-resource.vscode-cdn.net:toconnect-srcandmedia-srcinClineProvider.ts.ClineProvider.spec.tsto verify CSP includesfile+.vscode-resource.vscode-cdn.net:.This description was created by
for 537cd80. You can customize this summary. It will automatically update as commits are pushed.