unlayer
Make Embed URL Configurable or Enforce HTTPS
Hi all!
We had an issue integrating the email editor into our app that may be a very simple upstream fix.
Our product is an electron app. By default, relative URLs in our app resolve to the file system with the file:// protocol. Because this package uses // to inherit the parent page's protocol when injecting the embed.js script tag, it looks for the embed.js file on disk instead of over http(s).
We have a quick and dirty fix hard coding the URL to be HTTPS here: https://github.com/universe/react-email-editor/commit/f46885daf59207b609bc4f2d180d9dbd77a4b130
Ideally, we would either be able to configure the embed URL on our end through a prop or env variable, or the module would enforce HTTPS for the script tag instead of inheriting the parent page's protocol (likely more secure for your consumers anyway).
Thoughts on one of these fixes so we don't have to maintain a branch with a five character change?
(Alternatives for us would be to include a base meta tag to force relative URLs to go over https, but this breaks a number of other things in our app, and has odd side effects on some frontend frameworks.)
It looks like this was solved in the very last version of the package. Here's the corresponding PR: https://github.com/unlayer/react-email-editor/pull/218
You can now do:
<EmailEditor scriptUrl='https://editor.unlayer.com/embed.js?2' />
Note that this isn't documented anywhere as of yet.
I also think that defaulting to https instead of the current protocol would be reasonable (since now, you will make sure to keep the scriptUrl up to date).
