[JS] calling custom local API from cloud.seatable.io

Hello !!
We have a local network printing service that allows to print custom documents with just an HTTP call with some parameters.
We got it working with a button and “Access an URL” function but it’s kinda annoying … ugly (it’s just an API call so it replies with a JSON “ok” object basically) … thus a little confusing for the less tech savy users here …
We tried to implement it in JS … and got it all working with fields replacement with actual values from the table and all but are stuck at the part where the request should be made :
Content-Security-Policy : Les paramètres de la page ont empêché le chargement d’une ressource (connect-src) à l’adresse car elle enfreint la directive suivante : « connect-src ‘self’ https://market.seatable.io https: »
(Sorry for the french text … but since it’s standard error, I would guess you get it ?)

Any solution to that case ??

I assume you run a local SeaTable Server. (This kind of information helps generally as it does away with the guesswork :wink: .)

You must modify the Security Headers configured in your proxy server. (Which is caddy in case of the default deployment as per our Admin Manual.)

Please have a look here:

Ohh I’m sorry!
I thought that this error message :

connect-src ‘self’ https:// market .seatable .io

Would make it obvious that it was on cloud. seatable. io … Besides I think I initially wrote it specifically … but it seems it disappeared when I rephrased my question …

Which is also the reason I doubt there’s much we can do about it … but since you guys definitely are way smarter than I am … you might have a solution to that …

We’re still on cloud. seatable. io just for that base because we use Universal Apps for this one and they seem not (yet?) available on the developper edition (?)

PS: sorry for spaces in the domains … It wouldn’t let me post otherwise …

EDIT : oh actually … it was specified in the post title … I hadn’t accidentally redacted it …

Oh, it is written in the title. Didn’t see it.

You are trying to access a local IP address (192.168…) from the cloud. This cannot work.

The developer edition does not ship with the app builder.

1 Like

Well technically since it’s JS I believe it’s still called from the local computer (so it could technically work … ) … but Yeah I get it no way to go around CSP … (inbetween I’ve also seen it’s not possible to allow specific IP even less IP-range … I was hoping it could be possible to allow in a way the local adresses … since it’s kind of a more limited risk … but seems like it isn’t possible by CSP anyway … )
Thanks for your answer

Good point. Didn’t think of that as a pythonist. Apologies.

1 Like

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.