MocioF / No-unsafe-inline

A WordPress plugin to set Content Security Policy (CSP) without using the 'unsafe-inline' keyword for script-src
https://wordpress.org/plugins/no-unsafe-inline/
GNU General Public License v2.0

Unable to get hashes of script with ID: 0 #10

Closed x3g closed 1 year ago

x3g commented 1 year ago

My logs are showing multiple identical warnings:

2023-09-24 19:47:21 | WARNING | Unable to get hashes of script with ID: 0

In the web browser there are warnings that hashes don't match and jQuery is undefined:

Content-Security-Policy: Couldn't process unknown directive 'report-to' getinshape.today

None of the “sha256” hashes in the integrity attribute match the content of the subresource. The computed hash is “Z0R8NlbKrWMDcyU2kfPo9kRn6v1ucwXJsOmBEbC0FpQ=”. getinshape.today

None of the “sha256” hashes in the integrity attribute match the content of the subresource. The computed hash is “XJP3d5nRIvtSVe4k2ihfnyKMwRjLoR5s6ytr2ozfQWQ=”. getinshape.today

None of the “sha256” hashes in the integrity attribute match the content of the subresource. The computed hash is “UnTxHm+zKuDPLfufgEMnKGXDl6fEIjtM+n1Q6lL73ok=”. getinshape.today

Uncaught ReferenceError: jQuery is not defined

https://getinshape.today/wp-content/plugins/no-unsafe-inline/includes/js/no-unsafe-inline-prefilter-override.min.js?ver=1.1.2:2 no-unsafe-inline-prefilter-override.min.js:2:1

Uncaught ReferenceError: jQuery is not defined

https://getinshape.today/wp-content/plugins/no-unsafe-inline/includes/js/no-unsafe-inline-mutation-observer.min.js?ver=1.1.2:2 no-unsafe-inline-mutation-observer.min.js:2:1

Are you able to shed any light on these please?

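Added example, not part of the thread or the plugin's code: one way to reproduce the browser's "None of the sha256 hashes in the integrity attribute match" check offline, by recomputing each script's digest and comparing it with the hash recorded in the page. The script paths, bodies and the `fetch` callback are constructed for illustration.

```python
import base64
import hashlib
from html.parser import HTMLParser

STRENGTH = ["sha256", "sha384", "sha512"]  # weakest to strongest

def sri_digest(body: bytes, alg: str = "sha256") -> str:
    """Base64 digest as it appears in an integrity attribute or CSP hash source."""
    return base64.b64encode(hashlib.new(alg, body).digest()).decode()

class ScriptTags(HTMLParser):
    """Collects (src, integrity) for every external script carrying an integrity attribute."""

    def __init__(self):
        super().__init__()
        self.found = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "script" and a.get("src") and a.get("integrity"):
            self.found.append((a["src"], a["integrity"]))

def find_mismatches(html: str, fetch) -> list:
    """Return (src, alg, computed) for each script whose served bytes match no listed hash."""
    parser = ScriptTags()
    parser.feed(html)
    bad = []
    for src, integrity in parser.found:
        tokens = [t.split("-", 1) for t in integrity.split() if "-" in t]
        tokens = [(alg, val) for alg, val in tokens if alg in STRENGTH]
        if not tokens:
            continue  # no usable hash: browsers skip the integrity check
        strongest = max((alg for alg, _ in tokens), key=STRENGTH.index)
        computed = sri_digest(fetch(src), strongest)  # only the strongest algorithm is checked
        if computed not in [val for alg, val in tokens if alg == strongest]:
            bad.append((src, strongest, computed))
    return bad

# Constructed sample: b.min.js changed on disk after its hash was recorded.
SERVED = {"/js/a.min.js": b"console.log('a');", "/js/b.min.js": b"console.log('b2');"}
RECORDED = {"/js/a.min.js": sri_digest(SERVED["/js/a.min.js"]),
            "/js/b.min.js": sri_digest(b"console.log('b');")}  # hash of the older file
PAGE = "".join(f'<script src="{s}" integrity="sha256-{h}"></script>' for s, h in RECORDED.items())

if __name__ == "__main__":
    for src, alg, computed in find_mismatches(PAGE, SERVED.__getitem__):
        print(f"{src}: no {alg} hash matches; computed {computed}")
```

A script reported here has a recorded hash that no longer describes the bytes being served, so the stored value needs to be regenerated from the current file.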
MocioF commented 1 year ago

Did you whitelist those 2 scripts? They are inserted by no-unsafe-inline and you should find them in External whitelist tab

x3g commented 1 year ago

Yes, they're whitelisted - I just tried rehashing them but still get the warnings

x3g commented 1 year ago

Also, in the plugin logs, there's loads of these entries - I guess they're related:

2023-09-25 08:18:38 | WARNING | Unable to get hashes of script with ID: 0
2023-09-25 08:18:34 | WARNING | Unable to get hashes of script with ID: 0
2023-09-25 08:18:12 | WARNING | Unable to get hashes of script with ID: 0
2023-09-25 08:18:09 | WARNING | Unable to get hashes of script with ID: 0
2023-09-25 08:13:21 | WARNING | Unable to get hashes of script with ID: 0
2023-09-25 08:13:19 | WARNING | Unable to get hashes of script with ID: 0
2023-09-25 07:53:00 | WARNING | Unable to get hashes of script with ID: 0
2023-09-25 07:52:51 | WARNING | Unable to get hashes of script with ID: 0
2023-09-25 07:52:42 | WARNING | Unable to get hashes of script with ID: 0

x3g commented 1 year ago

Solved it! It was the MySQL permissions on the tables!

I'd set table specific (and slightly paranoid!) permissions on the database which didn't carry over to the tables added by nunil. I corrected those, deleted all script rules via the plug-in and set it to capture data, whitelisted the scripts again and it works fine now!

MocioF commented 1 year ago

Ok x3g, I was looking at the code, but I could not reproduce the error. So it happens if nunil_external_scripts table is empty, or what?

x3g commented 1 year ago

There was some data in the tables. I noticed it when I couldn't clean the db and there were some blacklisted items. When I fixed the permissions the clean database button worked and I could start capturing and whitelisting data again

On 26/09/2023 09:53, Giuseppe Foti wrote:

Ok x3g, I was looking at the code, but I could not reproduce the error. So it happens if nunil_external_scripts table is empty, or what?
