Closed motti87 closed 3 months ago
Same problem here.
Chrome / Brave arent working Android Browser isnt working too. Firefox is working
Zammad itself says: https://community.zammad.org/t/issue-with-display-in-chrome-edge-page-remains-blank/12254
The installation script you mentioned is not an official installation method of Zammad. The last time I had a look at that script it did some sketchy host file blocking. I have not qualified if it does change files, if it does, there might be your problem. Please use consider cross checking this issue by installing Zammad on a machine per documnetation: https://docs.zammad.org/en/latest/install/package.html 6
I commented out this block for a test and then it works in Brave/Chrome:
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload'; add_header Content-Security-Policy "default-src 'self'; font-src *;img-src * data:; script-src *; style-src *"; add_header Referrer-Policy "strict-origin"; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; add_header Permissions-Policy "geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()"; add_header Strict-Transport-Security "max-age=31536000" always;
So its this line:
add_header Permissions-Policy "geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()";
If i comment only this one out, it works fine.
So its this line:
add_header Permissions-Policy "geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()";
If i comment only this one out, it works fine.
Thank´s for your work. I will try it on monday.
(If someone else is searching for the Line: https://github.com/bashclub/zamba-lxc-toolbox/blob/d0693c82e211d07dc75b71baec3351cefd2861b2/src/zammad/install-service.sh#L106 )
Fixed with use of the contributor shipped nginx zammad_ssl.conf Currently in dev, will be released soon.
After a fresh installation, I can no longer access the page with Chrome/Edge. (I can log in and work normally with Firefox, and there were no errors during the installation process.) The page remains blank and displays the following errors:
– Content Security Policy blocks inline execution of scripts and stylesheets
I can log in and work normally with Firefox, and there were no errors during the installation process.