Closed kendofriendo closed 5 months ago
I second this problem. Also with caddy and docker.
I'm not familiar with Caddy, but the issue is with said CSP headers not being applied correctly by your caddy configuration Here is an answer of someone with a working configuration:
https://github.com/BDX-town/Mangane/issues/315#issuecomment-2071406572
Don't hesitate to explain your solution if you happen to get it working so I could add that to the documentation :)
From what I can read your configuration seems to differ from the one in doc:
Content-Security-Policy "upgrade-insecure-requests;script-src 'self';connect-src 'self' blob: https://example.com wss://example.com;media-src 'self' https:;img-src 'self' data: blob: https:;default-src 'none';base-uri 'self';frame-ancestors 'none';style-src 'self' 'unsafe-inline';font-src 'self';manifest-src 'self';"
https://github.com/BDX-town/Mangane?tab=readme-ov-file#messy-colors--style-configuration
My solution was to run Mangane in another domain lol. I rather prefer to have the option to easily jump from a FE to another, so it is all good.
Thanks for your feedback !
Running on docker with caddy.
Tried editing the config thusly but didn't seem to have an effect.