Make Embed URL Configurable or Enforce HTTPS

This issue has been tracked since 2021-08-12.

Hi all!

We had an issue integrating the email editor into our app that may be a very simple upstream fix.

Our product is an electron app. By default, relative URLs in our app resolve to the file system with the file:// protocol. Because this package uses // to inherit the parent page's protocol when injecting the embed.js script tag, it looks for the embed.js file on disk instead of over http(s).

We have a quick and dirty fix hard coding the URL to be HTTPS here: [email protected]f46885d

Ideally, we would either be able to configure the embed URL on our end through a prop or env variable, or the module would enforce HTTPS for the script tag instead of inheriting the parent page's protocol (likely more secure for your consumers anyway).

Thoughts on one of these fixes so we don't have to maintain a branch with a five character change?

(Alternatives for us would be to include a base meta tag to force relative URLs to go over https, but this breaks a number of other things in our app, and has odd side effects on some frontend frameworks.)

faizan-ali wrote this answer on 2021-09-20

+1 to this

DerJacques wrote this answer on 2021-11-29

It looks like this was solved in the very last version of the package.
Here's the corresponding PR: #218

You can now do:

<EmailEditor scriptUrl='https://editor.unlayer.com/embed.js?2' />

Note that this isn't documented anywhere as of yet.

I also think that defaulting to https instead of the current protocol would be reasonable (since now, you will make sure to keep the scriptUrl up to date).

More Details About Repo
Owner Name unlayer
Repo Name react-email-editor
Full Name unlayer/react-email-editor
Language JavaScript
Created Date 2017-10-01
Updated Date 2022-12-05
Star Count 3598
Watcher Count 48
Fork Count 627
Issue Count 163

YOU MAY BE INTERESTED

Issue Title Created Date Updated Date