d-bis/explorer-monorepo
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Docs: update all documentation and add overview

Browse Source 
- README: add Frontend section, deploy script, docs links, status
- docs/README.md: new documentation overview (entry points, frontend, deployment)
- docs/EXPLORER_API_ACCESS.md: reference deploy-frontend-to-vmid5000.sh for frontend-only deploy
- docs/INDEX.md: add Frontend & Explorer section, fix Quick Start, Last Updated
- README_DEPLOYMENT: add docs/README, EXPLORER_API_ACCESS, deploy script, deployment guide
- frontend/FRONTEND_REVIEW.md: add post-review update (C1–L4 implemented)

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
defiQUG
2026-02-10 19:02:19 -08:00
parent 2b956a5a83
commit b1415f15fc
6 changed files with 95 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/EXPLORER_API_ACCESS.md
View File

@@ -22,7 +22,7 @@ The ethers.js v5 UMD bundle from the CDN uses `eval`/`new Function()` for ABI de
If the browser still reports **“Content Security Policy blocks the use of 'eval'”** or **script-src blocked**:
1. **Redeploy the frontend** so the live site gets the current `index.html` (with the meta CSP including `'unsafe-eval'`). For VMID 5000, run `scripts/complete-explorer-api-access.sh` or copy `frontend/public/index.html` to the servers web root (e.g. `/var/www/html/`).
1. **Redeploy the frontend** so the live site gets the current `index.html` (with the meta CSP including `'unsafe-eval'`). For VMID 5000, run **`scripts/deploy-frontend-to-vmid5000.sh`** (frontend-only) or **`scripts/complete-explorer-api-access.sh`** (full). Alternatively, copy `frontend/public/index.html` to the servers web root (e.g. `/var/www/html/`).
2. **Check what CSP the browser sees** DevTools → Network → select the document request (the HTML page) → Headers → **Response Headers**`Content-Security-Policy`. It should contain `'unsafe-eval'` in `script-src`. If the response has a CSP header **without** `'unsafe-eval'`, that header is coming from your server (nginx or app) or from a proxy (e.g. Cloudflare). Update the config that serves the explorer so its CSP includes `'unsafe-eval'`, then reload (hard refresh or incognito).
3. **If you use Cloudflare** In the dashboard, check Transform Rules, Page Rules, or Security → Settings for any **Content-Security-Policy** (or similar) header that might override the origin. Ensure that headers `script-src` includes `'unsafe-eval'`, or remove the override so the origin CSP is used.