nogafam
/
fedilove-ui
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

CSP issues #1

New Issue
Open
opened 2021-04-27 11:17:07 +00:00 by coffeverton · 1 comment
coffeverton commented 2021-04-27 11:17:07 +00:00
Copy Link

Hi!
I just deployed fedilove-ui on Heroku, and it seems to have some issues.

Whenever I click on the "heart" icon, the console shows an error message related to CSP directives.

Also, when I enter the "profile" page, the 5 icons seems to be misplaced, and they do not work -I get the same CSP error message.

Do you have a fix for this error? Or could you point me on how to fix it? I'm a PHP developer and have some javascript skills, but I never worked with nodejs.

The url to the version that I deployed is https://fedilove-ui-test.herokuapp.com/.

The error message that I got is this:

Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'self' 'sha256-fM8bPHTtg62HWLF582AUElbUYoLeNdbgfS5Wim6+X2E=' 'sha256-Rv0XCoOhq4H0QyKE7rEhr+e9GI5gsmGcC04fY0HPORc=' 'sha256-28NJWgGMi7z1BsySG4SYZCjth/ys7dkElS3oIl5ZEqM=' 'sha256-nUHIts9QUqQq4nfffteH1WG3ZeWESwmxZn6bWMNWsiM=' 'sha256-MGLg9fH15qQqEcT+iTfwx/cfVp2MgjSrVt08u3NVKa8=' 'sha256-OQjxgqHHnjfZwkCEsAo2MRjd3GuPmg+RvmjrZd35TN4=' 'sha256-sS3nggZVNGyoYqI7U/PSwnwI4CymIdHNgJwW49qztWo=' 'sha256-aASq1hOJ8PP2cfK9QGXaCLdqgtkDXDb5VFXlSyrpX/M=' 'sha256-1ujkGrbsh0Yx/bquh2I9gkG1ZaZetCkjre6vciK2u7U='". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution.

Hi! I just deployed fedilove-ui on Heroku, and it seems to have some issues. Whenever I click on the "heart" icon, the console shows an error message related to CSP directives. Also, when I enter the "profile" page, the 5 icons seems to be misplaced, and they do not work -I get the same CSP error message. Do you have a fix for this error? Or could you point me on how to fix it? I'm a PHP developer and have some javascript skills, but I never worked with nodejs. The url to the version that I deployed is https://fedilove-ui-test.herokuapp.com/. The error message that I got is this: > Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'self' 'sha256-fM8bPHTtg62HWLF582AUElbUYoLeNdbgfS5Wim6+X2E=' 'sha256-Rv0XCoOhq4H0QyKE7rEhr+e9GI5gsmGcC04fY0HPORc=' 'sha256-28NJWgGMi7z1BsySG4SYZCjth/ys7dkElS3oIl5ZEqM=' 'sha256-nUHIts9QUqQq4nfffteH1WG3ZeWESwmxZn6bWMNWsiM=' 'sha256-MGLg9fH15qQqEcT+iTfwx/cfVp2MgjSrVt08u3NVKa8=' 'sha256-OQjxgqHHnjfZwkCEsAo2MRjd3GuPmg+RvmjrZd35TN4=' 'sha256-sS3nggZVNGyoYqI7U/PSwnwI4CymIdHNgJwW49qztWo=' 'sha256-aASq1hOJ8PP2cfK9QGXaCLdqgtkDXDb5VFXlSyrpX/M=' 'sha256-1ujkGrbsh0Yx/bquh2I9gkG1ZaZetCkjre6vciK2u7U='". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution.
bofh commented 2021-05-15 23:18:05 +00:00
Owner
Copy Link

Hi,

This project is a bit stale and i don't have the time/priority to solve this problem yet.

Hi, This project is a bit stale and i don't have the time/priority to solve this problem yet.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: nogafam/fedilove-ui#1
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?