From 354bed1c32ebc03debf0d4467d1e9c8fd4948f2c Mon Sep 17 00:00:00 2001
From: CenTdemeern1 <timo.herngreen@gmail.com>
Date: Wed, 16 Oct 2024 19:26:33 +0200
Subject: [PATCH] Commit to raw.esm.sh

This commit also adds an error message for when the Content Security Policy is likely at fault for blocking it.
---
 packages/frontend/src/components/SkFlashPlayer.vue | 13 +++++++++++--
 packages/frontend/src/index.html                   |  4 ++--
 packages/frontend/vite.config.local-dev.ts         |  2 +-
 packages/frontend/vite.config.ts                   |  2 +-
 4 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/packages/frontend/src/components/SkFlashPlayer.vue b/packages/frontend/src/components/SkFlashPlayer.vue
index aa6dfdc642..4fc54fcc2a 100644
--- a/packages/frontend/src/components/SkFlashPlayer.vue
+++ b/packages/frontend/src/components/SkFlashPlayer.vue
@@ -106,7 +106,7 @@ async function loadRuffle() {
 
 	window.RufflePlayer.config = {
 		// Options affecting the whole page
-		'publicPath': `https://esm.sh/@ruffle-rs/ruffle@${packageInfo.dependencies['@ruffle-rs/ruffle']}/`,
+		'publicPath': `https://raw.esm.sh/@ruffle-rs/ruffle@${packageInfo.dependencies['@ruffle-rs/ruffle']}/`,
 		'polyfills': false,
 
 		// Options affecting files only
@@ -171,7 +171,16 @@ function loadContent() {
 	loadingStatus.value = 'Loading Flash file';
 	player.value.load(url.value).then(() => {
 		loadingStatus.value = undefined;
-	}).catch(handleError);
+	}).catch(error => {
+		fetch('https://raw.esm.sh/', {
+			mode: 'cors',
+		}).then(() => {
+			handleError(error); // Unexpected error
+		}).catch(() => {
+			// Must be CSP because esm.sh should be online if `loadRuffle()` didn't fail
+			handleError('raw.esm.sh could not be accessed, meaning this instance\'s Content Security Policy is likely out of date. Please contact your instance administrators.');
+		});
+	});
 }
 
 function playPause() {
diff --git a/packages/frontend/src/index.html b/packages/frontend/src/index.html
index 55d6b6cffd..c03902f505 100644
--- a/packages/frontend/src/index.html
+++ b/packages/frontend/src/index.html
@@ -18,11 +18,11 @@
 		http-equiv="Content-Security-Policy"
 		content="default-src 'self' https://newassets.hcaptcha.com/ https://challenges.cloudflare.com/ http://localhost:7493/;
 			worker-src 'self' blob:;
-			script-src 'self' 'unsafe-eval' https://*.hcaptcha.com https://challenges.cloudflare.com https://esm.sh https://cdn.jsdelivr.net;
+			script-src 'self' 'unsafe-eval' https://*.hcaptcha.com https://challenges.cloudflare.com https://esm.sh https://cdn.jsdelivr.net https://raw.esm.sh;
 			style-src 'self' 'unsafe-inline';
 			img-src 'self' data: blob: www.google.com xn--931a.moe localhost:3000 localhost:5173 127.0.0.1:5173 127.0.0.1:3000 activitypub.software secure.gravatar.com avatars.githubusercontent.com;
 			media-src 'self' localhost:3000 localhost:5173 127.0.0.1:5173 127.0.0.1:3000;
-			connect-src 'self' localhost:3000 localhost:5173 127.0.0.1:5173 127.0.0.1:3000 https://newassets.hcaptcha.com https://api.listenbrainz.org https://api.friendlycaptcha.com;
+			connect-src 'self' localhost:3000 localhost:5173 127.0.0.1:5173 127.0.0.1:3000 https://newassets.hcaptcha.com https://api.listenbrainz.org https://api.friendlycaptcha.com https://raw.esm.sh;
 			frame-src *;"
 	/>
 	<meta property="og:site_name" content="[DEV BUILD] Misskey" />
diff --git a/packages/frontend/vite.config.local-dev.ts b/packages/frontend/vite.config.local-dev.ts
index c38da64e55..82cda7baf0 100644
--- a/packages/frontend/vite.config.local-dev.ts
+++ b/packages/frontend/vite.config.local-dev.ts
@@ -34,7 +34,7 @@ const externalPackages = [
 		path(id: string, pattern: RegExp): string {
 			const match = pattern.exec(id)?.groups;
 			return match
-				? `https://esm.sh/@ruffle-rs/ruffle@${packageInfo.dependencies['@ruffle-rs/ruffle']}/${match['file']}`
+				? `https://esm.sh/@ruffle-rs/ruffle@${packageInfo.dependencies['@ruffle-rs/ruffle']}/${match['file']}?raw`
 				: id;
 		},
 	},
diff --git a/packages/frontend/vite.config.ts b/packages/frontend/vite.config.ts
index ae66106e6c..cb15eb1fba 100644
--- a/packages/frontend/vite.config.ts
+++ b/packages/frontend/vite.config.ts
@@ -35,7 +35,7 @@ const externalPackages = [
 		path(id: string, pattern: RegExp): string {
 			const match = pattern.exec(id)?.groups;
 			return match
-				? `https://esm.sh/@ruffle-rs/ruffle@${packageInfo.dependencies['@ruffle-rs/ruffle']}/${match['file']}`
+				? `https://esm.sh/@ruffle-rs/ruffle@${packageInfo.dependencies['@ruffle-rs/ruffle']}/${match['file']}?raw`
 				: id;
 		},
 	},