Pierre Smits created OFBIZ-12423:
------------------------------------
Summary: Font used with Helvetica theme generates CSP violations
Key: OFBIZ-12423
URL: https://issues.apache.org/jira/browse/OFBIZ-12423
Project: OFBiz
Issue Type: Bug
Components: themes
Affects Versions: Trunk
Reporter: Pierre Smits
The font used by the Helvetica theme generates multiple CSP violations
according to the inspector in the Firefox browser. See below.
{code:java}
Content Security Policy: The page’s settings observed the loading of a resource
at inline (“default-src”). A CSP report is being sent. 3 EditTaxAuthority
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJFQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJFQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJFQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJFQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJFQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJFQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJFQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJFQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJFQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJFQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
(“default-src”). A CSP report is being sent. 4
Content Security Policy: The page’s settings observed the loading of a resource
at inline (“default-src”). A CSP report is being sent. EditTaxAuthority
Cookie “auth_tkt” will be soon treated as cross-site cookie against
“https://localhost:8443/helveticus/js/helveticus.js” because the scheme does
not match. helveticus.js
Cookie “auth_tkt” will be soon treated as cross-site cookie against
“https://localhost:8443/accounting/control/EditTaxAuthority?taxAuthPartyId=AUT_BMF&taxAuthGeoId=AUT”
because the scheme does not match. 2 EditTaxAuthority
Cookie “auth_tkt” will be soon treated as cross-site cookie against
“https://localhost:8443/helveticus/js/OfbizUtil.js” because the scheme does not
match. OfbizUtil.js
Cookie “auth_tkt” will be soon treated as cross-site cookie against
“https://localhost:8443/images/favicon-96.png” because the scheme does not
match. favicon-96.png
Cookie “auth_tkt” will be soon treated as cross-site cookie against
“https://localhost:8443/images/favicon-32.png” because the scheme does not
match. favicon-32.png
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
(“default-src”). A CSP report is being sent. resource:517:31
Content Security Policy: The page’s settings observed the loading of a resource
at
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
(“default-src”). A CSP report is being sent. {code}
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
