Refused to load the script '' because it violates the following Content Security Policy directive: "script-src 'self' 'nonce-2JneBy8FWfkAx7Z2EcBJsdGMfluTAOhz' 'nonce-80dc1e0c-3bbd-4d7e-8b23-c3a5fcf49e15'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Steps to Reproduce
Deploy a Fider instance using Coolify.
Set a custom domain for the instance via the Coolify UI.
Verify that the $BASE_URL environment variable in the terminal is still set to the default sslip.io domain instead of the configured domain.
Refresh the app and observe CSP errors in the browser console related to blocked resources from the sslip.io domain.
Example Repository URL
No response
Coolify Version
v4.0.0-beta.360
Are you using Coolify Cloud?
No (self-hosted)
Operating System and Version (self-hosted)
Ubuntu 22.04 on an Azure VM
Additional Information
The application does not respect the configured custom domain, and the $BASE_URL environment variable continues to reflect the sslip.io domain even after setting the domain in the UI. Restarting the service and hardcoding the $BASE_URL variable did not resolve the issue. The CSP errors prevent certain resources from loading correctly, leading to a broken UI.
svzi
commented
1 week ago
Error Message and Logs
Refused to load the image '' because it violates the following Content Security Policy directive: "img-src 'self' https: data".
Refused to load the stylesheet 'http://fider-r88swwskkokw00css8c40488.98.66.183.108.sslip.io/assets/css/main.20d1089fd71e94b6ea6b.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.paddle.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
Refused to load the script '' because it violates the following Content Security Policy directive: "script-src 'self' 'nonce-2JneBy8FWfkAx7Z2EcBJsdGMfluTAOhz' 'nonce-80dc1e0c-3bbd-4d7e-8b23-c3a5fcf49e15'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Steps to Reproduce
Example Repository URL
No response
Coolify Version
v4.0.0-beta.360
Are you using Coolify Cloud?
No (self-hosted)
Operating System and Version (self-hosted)
Ubuntu 22.04 on an Azure VM
Additional Information
The application does not respect the configured custom domain, and the $BASE_URL environment variable continues to reflect the sslip.io domain even after setting the domain in the UI. Restarting the service and hardcoding the $BASE_URL variable did not resolve the issue. The CSP errors prevent certain resources from loading correctly, leading to a broken UI.