fix(security): allow more strict CSP for SVG assets (#9209)

Refs #7540

webpack/_config-builder.js

@@ -26,9 +26,16 @@ const baseRules = [
       cacheDirectory: true,
     },
   },
-  { test: /\.(txt|yaml)$/, type: "asset/source" },
   {
-    test: /\.(png|jpg|jpeg|gif|svg)$/,
+    test: /\.(txt|yaml)$/,
+    type: "asset/source",
+  },
+  {
+    test: /\.svg$/,
+    use: ["@svgr/webpack"],
+  },
+  {
+    test: /\.(png|jpg|jpeg|gif)$/,
     type: "asset/inline",
   },
 ]

webpack/dev.js

@@ -89,7 +89,11 @@ const devConfig = configBuilder(
           type: "asset/source",
         },
         {
-          test: /\.(png|jpg|jpeg|gif|svg)$/,
+          test: /\.svg$/,
+          use: ["@svgr/webpack"],
+        },
+        {
+          test: /\.(png|jpg|jpeg|gif)$/,
           type: "asset/inline",
         },
       ],