After setting up an alternate domain for our app, everything looked fine until testing some pages that use dynamic import.
I get the error POST http://localhost:3000/__meteor__/dynamic-import/fetch net::ERR_BLOCKED_BY_CLIENT
I have removed the CSP header completely and the browser doesn’t really tell me why it blocks the call. Any ideas?
Is there any way to configure dynamic import to load from a different host than ROOT_URL?
/Per
Turns out the dynamic import package has a not-so-well-documented setting that uses the window.location value as a basis for fetching data. Just put it in the public section of your meteor settings
{
"public": {
"packages": {
"dynamic-import": {
"useLocationOrigin": true
}
}
}
}
Along with a strict CSP header, this does not compromise security.
I happened to have the same problem and the above Meteor env fixes it. However, is there a node env alternative? Asking since we do not rely on Meteor.settings in prod.