search

JakePartusch / lumberjack

An automated website accessibility scanner and cli
https://github.com/JakePartusch/lumberjack
MIT License
126 stars 7 forks source link

Lumberjack not working when the server has a Content-Security-Policy set #7

Open ghost opened 4 years ago

ghost commented 4 years ago

When the server to contact has a CSP header set that does not include Cloudflare, it stops working with the following stacktrace:

❯ lumberjack --url https://uberspace.de
⠦ Running accessibility checks... (1 of 1 pages)Error: Refused to load the script 'https://cdnjs.cloudflare.com/ajax/libs/axe-core/3.4.2/axe.min.js' because it violates the following Content Security Policy directive: "script-src 'self' https://dashboard.uberspace.de https://*.uberspace.is https://analyti.uber.space". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

    at Frame._raceWithCSPError (/home/jlnostr/.npm-packages/lib/node_modules/@jakepartusch/lumberjack/node_modules/playwright-core/lib/frames.js:587:19)
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async runAccessibilityTestsOnUrl (/home/jlnostr/.npm-packages/lib/node_modules/@jakepartusch/lumberjack/index.js:23:3)
    at async Promise.all (index 0)
    at async runAllChecks (/home/jlnostr/.npm-packages/lib/node_modules/@jakepartusch/lumberjack/index.js:62:38)
    at async main (/home/jlnostr/.npm-packages/lib/node_modules/@jakepartusch/lumberjack/bin/cli.js:30:33)
  -- ASYNC --
    at Frame.<anonymous> (/home/jlnostr/.npm-packages/lib/node_modules/@jakepartusch/lumberjack/node_modules/playwright-core/lib/helper.js:54:23)
    at Page.addScriptTag (/home/jlnostr/.npm-packages/lib/node_modules/@jakepartusch/lumberjack/node_modules/playwright-core/lib/page.js:132:33)
    at Page.<anonymous> (/home/jlnostr/.npm-packages/lib/node_modules/@jakepartusch/lumberjack/node_modules/playwright-core/lib/helper.js:55:31)
    at runAccessibilityTestsOnUrl (/home/jlnostr/.npm-packages/lib/node_modules/@jakepartusch/lumberjack/index.js:23:14)
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async Promise.all (index 0)
    at async runAllChecks (/home/jlnostr/.npm-packages/lib/node_modules/@jakepartusch/lumberjack/index.js:62:38)
    at async main (/home/jlnostr/.npm-packages/lib/node_modules/@jakepartusch/lumberjack/bin/cli.js:30:33)