generated html contains links to yahooapis.com

[noamtm]

See theme.json in both the default and simple themes. As a result, generated documentation always accesses an external website (running this in a corporate environment), which is a security issue. It also delays loading time (which is the reason I noticed it).

The fix should probably be a local copy of these files (cssgrids-min.css and yui-min.js), added to the assets directory of the generated docs.

Until this is fixed, is there a way for me to locally fix it (preferably using a script or even modifying the installed package)? I can't deliver documentation like that.

[okuryu]

I guess that you're able to avoid the problem by creating a theme, but I'll consider to revamp existing in the future.

[cibernox]

Same happened to me. Since I have an restrictive CSP policy, my app complains about yahooapis.com being an untrusted source. I can create a custom theme for now, but I leave my 👍 here for this to be changed.

[okuryu]

You're able to bypass it by specifying yui.yahooapis.com as default src if you're in CSP restricting, right? Anyway, I feel that we should do something for this issue.