Allow Lottie json files.

Open on Drupal.org →

Created on 15 May 2025, about 2 months ago

Problem/Motivation

I want to allow Lottie files to be hot linked from certain other websites. These files are json files. There doesn't seem to be a way to allow these files in the module.

Steps to reproduce

Hot link a lottie.json file from another website.

Proposed resolution

Create a form option for these types of files. json files in particular.

✨ Feature request

Status

Active

Version

2.0

Component

Code

Created by

🇺🇸United States jeffreysmattson

Live updates comments and jobs are added and updated live.

Sign in to follow issues

Comments & Activities

Issue created by @jeffreysmattson
Comment about 2 months ago →
🇨🇦Canada gapple
I'm not familiar with Lottie files. How the files are loaded determine which CSP directive that corresponds to.

If you're hosting them on your website, your own CSP policy would not be relevant - the policy of the site loading them would control if they can access urls from your site.

If you're consuming them on your site from an external url and are unsure which directives are necessary to modify, you can set a restrictive Report Only policy such as just default-src 'self', and then monitor the browser developer tools console for CSP violation messages which will tell you what directives were impacted.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024