[ https://issues.apache.org/jira/browse/OPENMEETINGS-2647?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Uwe Simon updated OPENMEETINGS-2647: ------------------------------------ Description: The Webconsole shows several errors/warings with "Content Security Policy violations". Seems this could be the reason, that on Windows and Firefox 88 in a rooms the upper left menu bar is not visible, so exit and the other menu items are not accessabe.. Chrome: jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2 Refused to load the stylesheet 'https://132.145.244.181:5443/openmeetings/group/customcss/2' because it violates the following Content Security Policy directive: "style-src 'nonce-vi6tcS3Be_DzYEa6oQBtUKmN' [https://fonts.googleapis.com/css]". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback. Firefox 90.2 (Linux): 20:28:30.415 Content Security Policy: Die Einstellungen der Seite haben das Laden einer Ressource auf [https://132.145.244.181:5443/openmeetings/group/customcss/2] blockiert ("style-src"). [jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2:50992|https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.wicket.resource.JQueryResourceReference/jquery/jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js] 20:28:30.441 Content Security Policy: Die Einstellungen der Seite haben das Laden einer Ressource auf data:video/webm;base64,GkXfowEAAAAAAAAfQ… blockiert ("media-src"). Firefox 91 (Win10): Content Security Policy: Die Einstellungen der Seite haben das Laden einer Ressource auf [https://132.145.244.181:5443/openmeetings/group/customcss/2] blockiert ("style-src"). [jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2:50992|https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.wicket.resource.JQueryResourceReference/jquery/jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js] Content Security Policy: Die Einstellungen der Seite haben das Laden einer Ressource auf data:video/webm;base64,GkXfowEAAAAAAAAfQ… blockiert ("media-src"). Alle Kandidaten für die Ressource konnten nicht geladen werden. Medien-Laden pausiert. [openmeetings|https://132.145.244.181:5443/openmeetings/#room/7] Uncaught (in promise) DOMException: The play method is not allowed by the user agent or the platform in the current context, possibly because the user denied permission. Uncaught (in promise) DOMException: The play method is not allowed by the user agent or the platform in the current context, possibly because the user denied permission. room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1:22151 value https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.openmeetings.web.room.RoomPanel/room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1 (Async: promise callback) value https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.openmeetings.web.room.RoomPanel/room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1 load https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.openmeetings.web.room.RoomPanel/room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1 <anonym> https://132.145.244.181:5443/openmeetings/#room/7 line 1 > injectedScript:71 <anonym> https://132.145.244.181:5443/openmeetings/#room/7 line 1 > injectedScript:71 jQuery 55 was: The Webconsole shows several errors/warings with "Content Security Policy violations". Chrome: jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2 Refused to load the stylesheet 'https://132.145.244.181:5443/openmeetings/group/customcss/2' because it violates the following Content Security Policy directive: "style-src 'nonce-vi6tcS3Be_DzYEa6oQBtUKmN' [https://fonts.googleapis.com/css]". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback. Firefox 90.2 (Linux): 20:28:30.415 Content Security Policy: Die Einstellungen der Seite haben das Laden einer Ressource auf [https://132.145.244.181:5443/openmeetings/group/customcss/2] blockiert ("style-src"). [jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2:50992|https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.wicket.resource.JQueryResourceReference/jquery/jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js] 20:28:30.441 Content Security Policy: Die Einstellungen der Seite haben das Laden einer Ressource auf data:video/webm;base64,GkXfowEAAAAAAAAfQ… blockiert ("media-src"). > Content Security Policy Errors/Warning > -------------------------------------- > > Key: OPENMEETINGS-2647 > URL: https://issues.apache.org/jira/browse/OPENMEETINGS-2647 > Project: Openmeetings > Issue Type: Bug > Components: UI > Affects Versions: 6.1.0 > Reporter: Uwe Simon > Assignee: Maxim Solodovnik > Priority: Major > > The Webconsole shows several errors/warings with > "Content Security Policy violations". > > Seems this could be the reason, that on Windows and Firefox 88 in a rooms the > upper left menu bar is not visible, so exit and the other menu items are not > accessabe.. > Chrome: > jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2 Refused to load the > stylesheet 'https://132.145.244.181:5443/openmeetings/group/customcss/2' > because it violates the following Content Security Policy directive: > "style-src 'nonce-vi6tcS3Be_DzYEa6oQBtUKmN' > [https://fonts.googleapis.com/css]". Note that 'style-src-elem' was not > explicitly set, so 'style-src' is used as a fallback. > > Firefox 90.2 (Linux): > 20:28:30.415 Content Security Policy: Die Einstellungen der Seite haben das > Laden einer Ressource auf > [https://132.145.244.181:5443/openmeetings/group/customcss/2] blockiert > ("style-src"). > [jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2:50992|https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.wicket.resource.JQueryResourceReference/jquery/jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js] > 20:28:30.441 Content Security Policy: Die Einstellungen der Seite haben das > Laden einer Ressource auf data:video/webm;base64,GkXfowEAAAAAAAAfQ… blockiert > ("media-src"). > > > Firefox 91 (Win10): > > Content Security Policy: Die Einstellungen der Seite haben das Laden einer > Ressource auf [https://132.145.244.181:5443/openmeetings/group/customcss/2] > blockiert ("style-src"). > [jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2:50992|https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.wicket.resource.JQueryResourceReference/jquery/jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js] > Content Security Policy: Die Einstellungen der Seite haben das Laden einer > Ressource auf data:video/webm;base64,GkXfowEAAAAAAAAfQ… blockiert > ("media-src"). > Alle Kandidaten für die Ressource konnten nicht geladen werden. Medien-Laden > pausiert. [openmeetings|https://132.145.244.181:5443/openmeetings/#room/7] > Uncaught (in promise) DOMException: The play method is not allowed by the > user agent or the platform in the current context, possibly because the user > denied permission. > > Uncaught (in promise) DOMException: The play method is not allowed by the > user agent or the platform in the current context, possibly because the user > denied permission. room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1:22151 > value > https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.openmeetings.web.room.RoomPanel/room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1 > (Async: promise callback) > value > https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.openmeetings.web.room.RoomPanel/room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1 > load > https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.openmeetings.web.room.RoomPanel/room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1 > <anonym> https://132.145.244.181:5443/openmeetings/#room/7 line 1 > > injectedScript:71 > <anonym> https://132.145.244.181:5443/openmeetings/#room/7 line 1 > > injectedScript:71 > jQuery 55 -- This message was sent by Atlassian Jira (v8.3.4#803005)