Closed icougil closed 4 years ago
Hi @cbellone
Did you had time to review that issue?
I think that the main problem is only the URL of the Content-Security-Policy
:
Removing the /api2
should solve the issue.
Best,
Hi @cougil , thanks for the report.
I have applied your suggestion to the 2.0-M1-maintenance branch, as the 1.x-maintenance is EOL. As soon as my PR is merged, we'll release a new version of 2.0-M1
I would suggest you to switch your instance to the current stable branch
Thanks Celestino
Hi @cbellone Thank you very much. Oh, didn't knew that the 1.x.x branch is EOL. A question btw, if we switch our instance to the 2.0-M1 version, the current setup of the system will continue working? Best,
it depends on the modifications that you've made on your fork.
Migrating a "vanilla" 1.x alf.io to 2.0-M1 is safe. We have migrated dozens of instances managed by @swicket without any problems.
If your fork contains database modifications, I would suggest you to give it a try it locally using a database backup first
Ok, thank you very much! We didn't change our database, so I think it will be safe to migrate to 2.0-M1 Best,
please wait until the fix has been merged :)
wops! sorry! 😛
Describe the bug It is impossible to log into alf.io admin console when you have recaptcha activated.
To Reproduce Steps to reproduce the behavior:
Refused to load the script 'https://www.gstatic.com/recaptcha/releases/xxxxxxxx/recaptcha__xxxx.js' because it violates the following Content Security Policy directive: "script-src 'self' https://js.stripe.com/ https://api.stripe.com/ https://www.google-analytics.com/ https://ssl.google-analytics.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/api2/ https://maps.googleapis.com/ https://connect.facebook.net/ https://www.facebook.com/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Expected behavior See the recaptcha & login button appear
Screenshots
Desktop (please complete the following information):
Smartphone (please complete the following information):
Additional context alf.io version:
1.x-maintenance
Btw, I've been having a look and with this simple change I think it could be solved. I can prepare a PR if you think it could be integrated in the current 1.x maintenance branch ;-)
Best,