search

Expensify / App

Welcome to New Expensify: a complete re-imagination of financial collaboration, centered around chat. Help us build the next generation of Expensify by sharing feedback and contributing to the code.
https://new.expensify.com
MIT License
3.11k stars 2.61k forks source link

IOU - "Content-Security-Policy directive" console error when tracking and requesting expense #43772

Open kavimuru opened 2 weeks ago

kavimuru commented 2 weeks ago

If you haven’t already, check out our contributing guidelines for onboarding and email contributors@expensify.com to request to join our Slack channel!

Version Number: 1.4.83-1 Reproducible in staging?: y Reproducible in production?: y If this was caught during regression testing, add the test name, ID and link from TestRail: Email or phone of affected tester (no customers): Logs: https://stackoverflow.com/c/expensify/questions/4856 Expensify/Expensify Issue URL: https://expensify.testrail.io/index.php?/tests/view/4607399&group_by=cases:section_id&group_id=309130&group_order=asc Issue reported by: Applause internal team Slack conversation:

Action Performed:

  1. Navigate to https://staging.new.expensify.com/
  2. Log in with a new expensifail account
  3. Open Chrome console
  4. Create a new workspace
  5. Tap on FAB - Track expense
  6. Tap on FAB - Submit expense

Expected Result:

There shouldn't be any console errors

Actual Result:

Console error appears "Content-Security-Policy directive name 'https://sdk.onfido.com'/ contains one or more invalid characters." console error appears when tracking expense. Also repro by opening Submit expense.

ERROR MESSAGE 15:06:20.799 The Content-Security-Policy directive name 'https://sdk.onfido.com'/ contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names. 15:06:20.800 The Content-Security-Policy directive name 'https://sdk.onfido.com'/ contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names. 15:06:20.800 /track-training:1 The Content-Security-Policy directive name 'https://sdk.onfido.com'/ contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names. 15:06:20.800 /track-training:1 The Content-Security-Policy directive name 'https://sdk.onfido.com'/ contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.

Workaround:

unknown

Platforms:

Which of our officially supported platforms is this issue occurring on?

Screenshots/Videos

Bug6506212_1717852556670!42772.pr-testing.expensify.com-1717851990610.txt

https://github.com/Expensify/App/assets/43996225/a7025476-7e02-429e-ac6b-29983ebb33b7

View all open jobs on GitHub

melvin-bot[bot] commented 2 weeks ago

Triggered auto assignment to @abekkala (Bug), see https://stackoverflow.com/c/expensify/questions/14418 for more details. Please add this bug to a GH project, as outlined in the SO.

kavimuru commented 2 weeks ago

@abekkala FYI I haven't added the External label as I wasn't 100% sure about this issue. Please take a look and add the label if you agree it's a bug and can be handled by external contributors

kavimuru commented 2 weeks ago

We think this bug might be related to #wave-collect - Release 2

melvin-bot[bot] commented 2 weeks ago

@abekkala Whoops! This issue is 2 days overdue. Let's get this updated quick!

abekkala commented 2 weeks ago

Not sure why an onfido message would appear - I'm not able to repro. I'm applying the retest weekly label

melvin-bot[bot] commented 6 days ago

@abekkala this issue was created 2 weeks ago. Are we close to a solution? Let's make sure we're treating this as a top priority. Don't hesitate to create a thread in #expensify-open-source to align faster in real time. Thanks!

abekkala commented 2 days ago

still in retesting

mvtglobally commented 1 day ago

Issue not reproducible during KI retests. (First week)