I am having security policy issues in our shopify hydrogen app, when we use gltf models from blender. They do not show up, even if it is just the default cube exported to glb, and we see a Security Policy issue in the browser.
I have tried just exporting a cube from blender as .glb and still get the issue.
My models are saved in the app under
public/models
Thanks
Lee
This is related to Hydrogen content security policy settings.
Probably this discussion may help - Loading 3D models / Content Security Policy · Shopify/hydrogen · Discussion #1313 · GitHub
It appears that they took the unsafe solution, and it is related to running a script which I think is the import gltf from babylonjs. I will see if I can work it out but for reference here are the two suggestions which others took the unsafe option for threejs. Also I can get .obj files to load but have to make sure the texture is in the same directory as the model.obj and not path in the .mtl file.
From github post for reference.
Hmmm, it looks like one of those third party libraries is doing an eval to load some JavaScript code. The default Content Security Policy disallows this to protect against cross-site scripting attacks. Your options are:
createContentSecurityPolicywithin entry.server.tsx: