[
https://issues.apache.org/jira/browse/OPENMEETINGS-2647?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Uwe Simon updated OPENMEETINGS-2647:
------------------------------------
Description:
The Webconsole shows several errors/warings with
"Content Security Policy violations".
Seems this could be the reason, that on Windows and Firefox 88 in a rooms the
upper left menu bar is not visible, so exit and the other menu items are not
accessabe..
Chrome:
jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2 Refused to load the
stylesheet 'https://132.145.244.181:5443/openmeetings/group/customcss/2'
because it violates the following Content Security Policy directive: "style-src
'nonce-vi6tcS3Be_DzYEa6oQBtUKmN' [https://fonts.googleapis.com/css]";. Note that
'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
Firefox 90.2 (Linux):
20:28:30.415 Content Security Policy: Die Einstellungen der Seite haben das
Laden einer Ressource auf
[https://132.145.244.181:5443/openmeetings/group/customcss/2] blockiert
("style-src").
[jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2:50992|https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.wicket.resource.JQueryResourceReference/jquery/jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js]
20:28:30.441 Content Security Policy: Die Einstellungen der Seite haben das
Laden einer Ressource auf data:video/webm;base64,GkXfowEAAAAAAAAfQ… blockiert
("media-src").
Firefox 91 (Win10):
Content Security Policy: Die Einstellungen der Seite haben das Laden einer
Ressource auf [https://132.145.244.181:5443/openmeetings/group/customcss/2]
blockiert ("style-src").
[jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2:50992|https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.wicket.resource.JQueryResourceReference/jquery/jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js]
Content Security Policy: Die Einstellungen der Seite haben das Laden einer
Ressource auf data:video/webm;base64,GkXfowEAAAAAAAAfQ… blockiert ("media-src").
Alle Kandidaten für die Ressource konnten nicht geladen werden. Medien-Laden
pausiert. [openmeetings|https://132.145.244.181:5443/openmeetings/#room/7]
Uncaught (in promise) DOMException: The play method is not allowed by the user
agent or the platform in the current context, possibly because the user denied
permission.
Uncaught (in promise) DOMException: The play method is not allowed by the user
agent or the platform in the current context, possibly because the user denied
permission. room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1:22151
value
https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.openmeetings.web.room.RoomPanel/room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1
(Async: promise callback)
value
https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.openmeetings.web.room.RoomPanel/room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1
load
https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.openmeetings.web.room.RoomPanel/room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1
<anonym> https://132.145.244.181:5443/openmeetings/#room/7 line 1 >
injectedScript:71
<anonym> https://132.145.244.181:5443/openmeetings/#room/7 line 1 >
injectedScript:71
jQuery 55
was:
The Webconsole shows several errors/warings with
"Content Security Policy violations".
Chrome:
jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2 Refused to load the
stylesheet 'https://132.145.244.181:5443/openmeetings/group/customcss/2'
because it violates the following Content Security Policy directive: "style-src
'nonce-vi6tcS3Be_DzYEa6oQBtUKmN' [https://fonts.googleapis.com/css]";. Note that
'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
Firefox 90.2 (Linux):
20:28:30.415 Content Security Policy: Die Einstellungen der Seite haben das
Laden einer Ressource auf
[https://132.145.244.181:5443/openmeetings/group/customcss/2] blockiert
("style-src").
[jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2:50992|https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.wicket.resource.JQueryResourceReference/jquery/jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js]
20:28:30.441 Content Security Policy: Die Einstellungen der Seite haben das
Laden einer Ressource auf data:video/webm;base64,GkXfowEAAAAAAAAfQ… blockiert
("media-src").
> Content Security Policy Errors/Warning
> --------------------------------------
>
> Key: OPENMEETINGS-2647
> URL: https://issues.apache.org/jira/browse/OPENMEETINGS-2647
> Project: Openmeetings
> Issue Type: Bug
> Components: UI
> Affects Versions: 6.1.0
> Reporter: Uwe Simon
> Assignee: Maxim Solodovnik
> Priority: Major
>
> The Webconsole shows several errors/warings with
> "Content Security Policy violations".
>
> Seems this could be the reason, that on Windows and Firefox 88 in a rooms the
> upper left menu bar is not visible, so exit and the other menu items are not
> accessabe..
> Chrome:
> jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2 Refused to load the
> stylesheet 'https://132.145.244.181:5443/openmeetings/group/customcss/2'
> because it violates the following Content Security Policy directive:
> "style-src 'nonce-vi6tcS3Be_DzYEa6oQBtUKmN'
> [https://fonts.googleapis.com/css]";. Note that 'style-src-elem' was not
> explicitly set, so 'style-src' is used as a fallback.
>
> Firefox 90.2 (Linux):
> 20:28:30.415 Content Security Policy: Die Einstellungen der Seite haben das
> Laden einer Ressource auf
> [https://132.145.244.181:5443/openmeetings/group/customcss/2] blockiert
> ("style-src").
> [jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2:50992|https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.wicket.resource.JQueryResourceReference/jquery/jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js]
> 20:28:30.441 Content Security Policy: Die Einstellungen der Seite haben das
> Laden einer Ressource auf data:video/webm;base64,GkXfowEAAAAAAAAfQ… blockiert
> ("media-src").
>
>
> Firefox 91 (Win10):
>
> Content Security Policy: Die Einstellungen der Seite haben das Laden einer
> Ressource auf [https://132.145.244.181:5443/openmeetings/group/customcss/2]
> blockiert ("style-src").
> [jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2:50992|https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.wicket.resource.JQueryResourceReference/jquery/jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js]
> Content Security Policy: Die Einstellungen der Seite haben das Laden einer
> Ressource auf data:video/webm;base64,GkXfowEAAAAAAAAfQ… blockiert
> ("media-src").
> Alle Kandidaten für die Ressource konnten nicht geladen werden. Medien-Laden
> pausiert. [openmeetings|https://132.145.244.181:5443/openmeetings/#room/7]
> Uncaught (in promise) DOMException: The play method is not allowed by the
> user agent or the platform in the current context, possibly because the user
> denied permission.
>
> Uncaught (in promise) DOMException: The play method is not allowed by the
> user agent or the platform in the current context, possibly because the user
> denied permission. room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1:22151
> value
> https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.openmeetings.web.room.RoomPanel/room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1
> (Async: promise callback)
> value
> https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.openmeetings.web.room.RoomPanel/room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1
> load
> https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.openmeetings.web.room.RoomPanel/room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1
> <anonym> https://132.145.244.181:5443/openmeetings/#room/7 line 1 >
> injectedScript:71
> <anonym> https://132.145.244.181:5443/openmeetings/#room/7 line 1 >
> injectedScript:71
> jQuery 55
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
