Add custom protocol for serving local image assets#22
Merged
Conversation
Markdown files commonly reference images with relative or absolute filesystem paths (e.g. the Kafka README's <picture> logo). Those never loaded: the document origin is the app bundle/dev server and the CSP forbids file: images. Add an om-asset: custom protocol that serves local image files, rewrite img/source src and srcset references against the document's directory after render, and allow the scheme through the CSP. https://claude.ai/code/session_01T2U6dtaZLWCuztQVRFTj7U
Markdown files routinely embed remote images (e.g. the CI status badges in the Kafka README). The CSP only permitted local assets, so https images were blocked. Add https: to img-src. https://claude.ai/code/session_01T2U6dtaZLWCuztQVRFTj7U
A bare om-asset:///path URL had its first path segment consumed as the URL host (and lowercased), so local image requests 404'd/400'd. Carry the file path under a fixed `local` host instead. https://claude.ai/code/session_01T2U6dtaZLWCuztQVRFTj7U
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Implement a custom
om-asset:protocol to serve local image assets referenced in markdown documents. This allows markdown files to reference images using relative or absolute filesystem paths, which are resolved and served by the main process instead of failing to load due to CSP restrictions.Key Changes
AssetProtocolService (
src/main/services/AssetProtocolService.ts): New service that registers and handles theom-asset:protocol. The handler validates file extensions against a whitelist of image types, reads files from disk, and returns appropriate HTTP responses with correct content-type headers.Asset Resolver (
src/preload/assetResolver.ts): New preload utility that resolves image references from markdown documents toom-asset:URLs. Handles relative paths (resolved against the document directory), absolute paths, and leaves external URLs and data URIs untouched.Asset Path Rewriting (
src/renderer/utils/assetPaths.ts): New renderer utility that rewritessrcandsrcsetattributes in rendered markdown to use resolved asset URLs. Supports both simple<img>elements and<picture>elements with<source>tags.MarkdownViewer Integration (
src/renderer/components/MarkdownViewer.ts): Updated to call asset path rewriting after rendering markdown content, using the preload resolver via the Electron API.API Exposure (
src/preload/preload.ts,src/shared/types/api.ts): Exposedassets.resolve()method through the Electron API bridge to allow the renderer to resolve asset paths.Main Process Setup (
src/main/index.ts): Register the asset protocol scheme before app ready and handler after app ready.CSP Update (
index.html): Updated Content-Security-Policy to allowom-asset:scheme for images.Constants (
src/shared/constants/index.ts): AddedASSET_PROTOCOL_SCHEMEconstant.Implementation Details
file:andom-asset:schemes to maintain compatibility with Node's path utilities.https://claude.ai/code/session_01T2U6dtaZLWCuztQVRFTj7U