2dfd61094ec3e548f25f56e83379f85ec22cfab5
chmalee
  Thu Oct 31 16:48:26 2024 -0700
Start using Uppy instead of my own UI

diff --git src/lib/htmshell.c src/lib/htmshell.c
index 850fb7f..dc54acc 100644
--- src/lib/htmshell.c
+++ src/lib/htmshell.c
@@ -1033,30 +1033,33 @@
 dyStringAppend(policy, " maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.js");
 dyStringAppend(policy, " maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js");
 dyStringAppend(policy, " maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js");
 
 dyStringAppend(policy, " d3js.org/d3.v3.min.js");
 
 // jsHelper
 dyStringAppend(policy, " cdn.datatables.net/1.10.12/js/jquery.dataTables.min.js");
 dyStringAppend(policy, " cdn.datatables.net/2.1.3/js/dataTables.min.js");
 dyStringAppend(policy, " cdn.datatables.net/buttons/3.1.1/js/dataTables.buttons.min.js");
 
 // shephered js for tutorial overlay
 dyStringAppend(policy, " cdn.jsdelivr.net/npm/shepherd.js@11.0.1/dist/js/shepherd.min.js");
 dyStringAppend(policy, " www.google.com/recaptcha/api.js");
 
+// uppy for hubSpace uploads
+dyStringAppend(policy, " releases.transloadit.com/uppy/v4.5.0/uppy.min.js");
+
 dyStringAppend(policy, ";");
 
 
 dyStringAppend(policy, " style-src * 'unsafe-inline';");
 
 /* more secure method not used yet 
 dyStringAppend(policy, " style-src 'self' 'unsafe-inline'");
 dyStringAppend(policy, " code.jquery.com");          // used by hgIntegrator
 dyStringAppend(policy, " netdna.bootstrapcdn.com");  // used by hgIntegrator
 dyStringAppend(policy, " fonts.googleapis.com");    // used by hgGateway
 dyStringAppend(policy, " maxcdn.bootstrapcdn.com"); // used by hgGateway
 dyStringAppend(policy, ";");
 */
 
 // The data: protocol is used by popular browser extensions.