Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

App user QR code violates CSP directive #629

Open
matthew-white opened this issue Apr 10, 2024 · 0 comments
Open

App user QR code violates CSP directive #629

matthew-white opened this issue Apr 10, 2024 · 0 comments
Labels
ops Docker, ops to deploy Central

Comments

@matthew-white
Copy link
Member

matthew-white commented Apr 10, 2024
edited

Problem description

When I view an app user QR code in Frontend, I see an error in the browser console in Chrome:

[Report Only] Refused to load the image 'data:image/gif;base64,...' because it violates the following Content Security Policy directive: "img-src *". Note that '*' matches only URLs with network schemes ('http', 'https', 'ws', 'wss'), or URLs whose scheme matches `self`'s scheme. The scheme 'data:' must be added explicitly.

URL of the page

https://staging.getodk.cloud/#/projects/85/app-users

Steps to reproduce the problem

  1. Navigate to the URL above.
  2. Open the browser console.
  3. Click "See code".

Central version shown in version.txt

versions:
f0b2a90bce34fc13b0df4affd8b3158d57bcf904 (v2023.5.1-5-gf0b2a90)
+2bb17a501416814bbd987ddc953abc5b0c40c58a client (v2023.5.0-43-g2bb17a50)
+267e0ad7806057fc82894f58bea680627f1de5cd server (v2023.5.0-49-g267e0ad7)
@matthew-white matthew-white added the ops Docker, ops to deploy Central label Apr 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
ops Docker, ops to deploy Central
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@matthew-white