[
https://issues.apache.org/jira/browse/OPENMEETINGS-2647?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Uwe Simon updated OPENMEETINGS-2647:
Description:
The Webconsole shows several errors/warings with
"Content Security Policy violations".
Seems this could be the reason, that on Windows and Firefox 88 in a rooms the
upper left menu bar is not visible, so exit and the other menu items are not
accessabe..
Chrome:
jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2 Refused to load the
stylesheet 'https://132.145.244.181:5443/openmeetings/group/customcss/2'
because it violates the following Content Security Policy directive: "style-src
'nonce-vi6tcS3Be_DzYEa6oQBtUKmN' [https://fonts.googleapis.com/css];. Note that
'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
Firefox 90.2 (Linux):
20:28:30.415 Content Security Policy: Die Einstellungen der Seite haben das
Laden einer Ressource auf
[https://132.145.244.181:5443/openmeetings/group/customcss/2] blockiert
("style-src").
[jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2:50992|https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.wicket.resource.JQueryResourceReference/jquery/jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js]
20:28:30.441 Content Security Policy: Die Einstellungen der Seite haben das
Laden einer Ressource auf data:video/webm;base64,GkXfowEfQ… blockiert
("media-src").
Firefox 91 (Win10):
Content Security Policy: Die Einstellungen der Seite haben das Laden einer
Ressource auf [https://132.145.244.181:5443/openmeetings/group/customcss/2]
blockiert ("style-src").
[jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2:50992|https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.wicket.resource.JQueryResourceReference/jquery/jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js]
Content Security Policy: Die Einstellungen der Seite haben das Laden einer
Ressource auf data:video/webm;base64,GkXfowEfQ… blockiert ("media-src").
Alle Kandidaten für die Ressource konnten nicht geladen werden. Medien-Laden
pausiert. [openmeetings|https://132.145.244.181:5443/openmeetings/#room/7]
Uncaught (in promise) DOMException: The play method is not allowed by the user
agent or the platform in the current context, possibly because the user denied
permission.
Uncaught (in promise) DOMException: The play method is not allowed by the user
agent or the platform in the current context, possibly because the user denied
permission. room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1:22151
value
https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.openmeetings.web.room.RoomPanel/room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1
(Async: promise callback)
value
https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.openmeetings.web.room.RoomPanel/room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1
load
https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.openmeetings.web.room.RoomPanel/room-ver-F5422CD81838B3A9C3207DE3749ACB49.js:1
https://132.145.244.181:5443/openmeetings/#room/7 line 1 >
injectedScript:71
https://132.145.244.181:5443/openmeetings/#room/7 line 1 >
injectedScript:71
jQuery 55
was:
The Webconsole shows several errors/warings with
"Content Security Policy violations".
Chrome:
jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2 Refused to load the
stylesheet 'https://132.145.244.181:5443/openmeetings/group/customcss/2'
because it violates the following Content Security Policy directive: "style-src
'nonce-vi6tcS3Be_DzYEa6oQBtUKmN' [https://fonts.googleapis.com/css];. Note that
'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
Firefox 90.2 (Linux):
20:28:30.415 Content Security Policy: Die Einstellungen der Seite haben das
Laden einer Ressource auf
[https://132.145.244.181:5443/openmeetings/group/customcss/2] blockiert
("style-src").
[jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js:2:50992|https://132.145.244.181:5443/openmeetings/wicket/resource/org.apache.wicket.resource.JQueryResourceReference/jquery/jquery-3.6.0-ver-7B432A70897DCD6A8F6D26413CDF1916.js]
20:28:30.441 Content Security Policy: Die Einstellungen der Seite haben das
Laden einer Ressource auf data:video/webm;base64,GkXfowEfQ… blockiert
("media-src").
> Content Security Policy Errors/Warning
> --
>
> Key: OPENMEETINGS-2647
> URL: https://issues.apache.org/jira/browse/OPENMEETINGS-2647
> Project: Openmeetings
> Issue Type: Bug
> Components: UI
>Affects Versions: 6.1.0
>Reporter: Uwe Simon
>Assignee: Maxim Solodovnik
>Priority: Major
>
> The Webconsole shows several errors/warings with
> "Content Security Policy