Skip to content

Add api.dune.com to recommended CSP connect-src directive #569

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

Add api.dune.com to recommended CSP connect-src directive #569

wants to merge 2 commits into from

Conversation

@devin-ai-integration
Copy link
Contributor

@devin-ai-integration devin-ai-integration bot commented Jul 16, 2025
edited
Loading

Add api.dune.com to recommended CSP connect-src directive

Summary

Added https://api.dune.com to the recommended Content Security Policy (CSP) connect-src directive in the security documentation. This allows applications using the recommended CSP to make network requests to the Dune Analytics API.

Files changed:

  • advanced/security/content-security-policy.mdx - Added Dune API endpoint to the CSP connect-src list

Review & Testing Checklist for Human

  • Verify URL accuracy: Confirm https://api.dune.com is the correct Dune Analytics API endpoint
  • Test documentation rendering: Ensure the CSP code block still renders correctly on the docs site
  • Security review: Confirm this URL should be whitelisted in the recommended CSP for AppKit users

Diagram

%%{ init : { "theme" : "default" }}%%
graph TD
    A["advanced/security/<br/>content-security-policy.mdx"]:::major-edit
    B["CSP connect-src directive"]:::context
    C["Dune Analytics API<br/>https://api.dune.com"]:::context
    D["Other whitelisted domains<br/>(WalletConnect, etc.)"]:::context
    
    A --> B
    B --> C
    B --> D
    
    subgraph Legend
        L1["Major Edit"]:::major-edit
        L2["Minor Edit"]:::minor-edit  
        L3["Context/No Edit"]:::context
    end
    
    classDef major-edit fill:#90EE90
    classDef minor-edit fill:#87CEEB
    classDef context fill:#FFFFFF
Loading

Notes

@devin-ai-integration devin-ai-integration bot requested a review from tomiir July 16, 2025 17:19
@devin-ai-integration
Copy link
Contributor Author

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

  • Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
  • Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

  • Disable automatic comment and CI monitoring

@github-actions
Copy link

@devin-ai-integration[bot] Please review the tone of voice for the content changes in this PR against Reown's brand guidelines.

📝 Content Review Request

Files to review: 1

  • advanced/security/content-security-policy.mdx

Review focus:

  • Tone alignment with Reown's brand guidelines
  • Clear and accessible language for developers
  • Professional yet approachable communication
  • Consistent terminology usage

Guidelines summary:

  • Clear & Accessible: Translate complex ideas into approachable language
  • Professional yet Friendly: Maintain authority while being welcoming
  • Developer-Focused: Understand technical audience but remain inclusive
  • Avoid: Overly casual language, fear-based messaging, buzzwords, jargon without explanation
  • Embrace: Clear explanations, confident tone, transparency, respectful communication

Please analyze the content changes and provide constructive feedback on tone and voice alignment.

@github-actions
Copy link

@devin-ai-integration[bot] Please review the tone of voice for the content changes in this PR against Reown's brand guidelines.

📝 Content Review Request

Files to review: 1

  • advanced/security/content-security-policy.mdx

Review focus:

  • Tone alignment with Reown's brand guidelines
  • Clear and accessible language for developers
  • Professional yet approachable communication
  • Consistent terminology usage

Guidelines summary:

  • Clear & Accessible: Translate complex ideas into approachable language
  • Professional yet Friendly: Maintain authority while being welcoming
  • Developer-Focused: Understand technical audience but remain inclusive
  • Avoid: Overly casual language, fear-based messaging, buzzwords, jargon without explanation
  • Embrace: Clear explanations, confident tone, transparency, respectful communication

Please analyze the content changes and provide constructive feedback on tone and voice alignment.

@rtomas rtomas closed this Oct 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tomiir tomiir tomiir approved these changes

Assignees

@tomiir tomiir

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@tomiir @rtomas