search

Expensify / App

Welcome to New Expensify: a complete re-imagination of financial collaboration, centered around chat. Help us build the next generation of Expensify by sharing feedback and contributing to the code.
https://new.expensify.com
MIT License
3.55k stars 2.9k forks source link

CORS console error for firebaseremoteconfig.googleapis.com #50515

Closed mountiny closed 1 month ago

mountiny commented 1 month ago

If you haven’t already, check out our contributing guidelines for onboarding and email contributors@expensify.com to request to join our Slack channel!

Version Number: Reproducible in staging?: y Reproducible in production?:y If this was caught during regression testing, add the test name, ID and link from TestRail: Email or phone of affected tester (no customers): Logs: https://stackoverflow.com/c/expensify/questions/4856 Expensify/Expensify Issue URL: Issue reported by: @mountiny Slack conversation:

Action Performed:

Break down in numbered steps

Open the app and check out the console

image

Expected Result:

Describe what you think should've happened

There should be no console errors

Actual Result:

Describe what actually happened

index.esm2017.js:539 Refused to connect to 'https://firebaseremoteconfig.googleapis.com/v1/projects/expensify-chat/namespaces/fireperf:fetch?key=AIzaSyDxzigVLZl4G8MP7jACQ0qpmADMzmrrON0' because it violates the following Content Security Policy directive: "connect-src 'self' https://*.pusher.com wss://*.pusher.com https://*.pusherapp.com https://secure.expensify.com https://staging-secure.expensify.com https://staging.expensify.com https://www.expensify.com https://accounts.google.com/gsi/ wss://sync.onfido.com https://telephony.onfido.com blob: *.onfido.com wss://*.onfido.com https://www.woopra.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://*.googleusercontent.com https://*.smartlook.cloud https://events.mapbox.com https://edge.fullstory.com https://rs.fullstory.com https://firebaseinstallations.googleapis.com data:".

(anonymous) @ index.esm2017.js:539
Show 1 more frame
Show lessUnderstand this error
index.esm2017.js:539 Refused to connect to 'https://firebaseremoteconfig.googleapis.com/v1/projects/expensify-chat/namespaces/fireperf:fetch?key=AIzaSyDxzigVLZl4G8MP7jACQ0qpmADMzmrrON0' because it violates the document's Content Security Policy.

Workaround:

Can the user still use Expensify without this being fixed? Have you informed them of the workaround?

Platforms:

Which of our officially supported platforms is this issue occurring on?

Screenshots/Videos

Add any screenshot/video evidence

View all open jobs on GitHub

melvin-bot[bot] commented 1 month ago

Triggered auto assignment to @puneetlath (Bug), see https://stackoverflow.com/c/expensify/questions/14418 for more details. Please add this bug to a GH project, as outlined in the SO.