Issue #3216💬 AnsweredOpened January 5, 2021by tomhatzer2 reactions
bugenhancementquestiondocumentationtypescript

Add referrerPolicy to image loading through asset manager

Quick answerby artf1

As already replied to the PR, this can be done by extending the image component if necessary, without the risk of breaking the integration for others. And as a note, when you want to add a feature, you should always think about how this will work for others. So, if the referrerPolicy thing offers more options, it prob...

Read full answer below ↓

Question

What are you trying to add to GrapesJS? I'm trying to add the Referer header to image loading through asset manager. Describe your feature request detailed I'm working on a pagebuilder that's hosted on AWS. To stop people hotlinking my images, I've implemented AWS WAF which restricts image loading to the referer domain (my own domains). When loading an image programmatically using .src there is no referer header being sent resulting in broken/non displayable images (403 errors from the webserver). We can solve this problem by setting the referrerPolicy attribute to origin. More details about...

Answers (4)

artfJanuary 5, 2021

As already replied to the PR, this can be done by extending the image component if necessary, without the risk of breaking the integration for others. And as a note, when you want to add a feature, you should always think about how this will work for others. So, if the referrerPolicy thing offers m...

tomhatzerJanuary 5, 2021

Thank you very much for the tipp @artf - I'll try to get this done by extending the original component. Have a great day! 😃

tomhatzerJanuary 7, 2021

For everyone who has the same problem that the iframe doesn't send referrer headers for content displayed inside of it, here's a quick and dirty fix. Just set the Canvas iFrame src to your desired domain that you want to use the referrer with. In my case I wanted to have the same domain like for th...

GJSBlockMay 17, 2026

Thanks for reporting this, @tomhatzer. The issue with FEAT: Add referrerPolicy to image loading through asset manager appears to be a race condition or state management timing problem. This typically happens when component lifecycle events and DOM modifications overlap, creating an inconsistent sta...

View full discussion on GitHub →

Related Questions and Answers

Continue research with similar issue discussions.

Issue #3561

FEAT: Enhanced Shadow DOM Support

What are you trying to add to GrapesJS? Better Shadow DOM support, allowing developers to render GrapesJS inside a Shadow element without h...

4 answersUpdated July 21, 2021

Issue #6416

htmlentities > breaking remote storage - Displays undefined

GrapesJS version [x] I confirm to use the latest version of GrapesJS What browser are you using? Firefox and Chrome Reproducible demo link...

2 answersUpdated March 5, 2025

Issue #5312

Issue with rich text editor Indent action for Lists

GrapesJS version[X] I confirm to use the latest version of GrapesJSWhat browser are you using? Chrome V115Reproducible demo link https://js...

2 answersUpdated August 23, 2023

Issue #4385

index.d.ts says that run commands should return void but docs say their return value may be used

GrapesJS version [X] I confirm to use the latest version of GrapesJS What browser are you using? Any Reproducible demo link https://grapesj...

2 answersUpdated June 18, 2022

Paid Plugins That Match This Issue

Curated by issue keywords and label relevance to help you ship faster.

View all plugins

Loading paid plugin recommendations...

Free option

Check the open-source GrapesJS plugins on GitHub or run a quick search in our free catalog.

Browse free plugins →
Premium option

Premium plugins ship with support, regular updates, and production-ready features — save days of integration work.

Browse premium plugins →

Related tutorials

In-depth guides on the same topic.

All tutorials →

Tutorial

How to Build a Production GrapesJS Editor: The Complete Walkthrough of Brief, Preset, Plugins, and Services

A complete walkthrough of building a production GrapesJS editor: how to choose a preset, pick plugins, and scope setup services without burning a sprint.

Tutorial

GrapesJS Inline RTE Plugins Update: CKEditor 5 v0.1.4 and Froala Inline Text Editor

CKEditor 5 Inline for GrapesJS v0.1.4 fixes Studio SDK toolbar clipping, iframe injection and link balloon bugs. Compare with Froala Inline — both $69.

Tutorial

Embed GrapesJS in Your SaaS: A Weekend Guide

Embed GrapesJS in your SaaS and ship a white-label page builder over a weekend. Honest tradeoffs, real code, and the plugins that close the UX gap.

Browse Plugin Categories

Jump directly to plugin category pages on the marketplace.

PresetsPluginsComponentsBlocksAssetsCommandsI18nLayersStylesStoragesRTENewslettersWeb pagesSite builders