Login bug

[japlic]

NOTE

If this case is urgent, please subscribe to Subnet so that our 24/7 support team may help you faster.

Expected Behavior'

logging in

Current Behavior

Failed to load resource: the server responded with a status of 403 (Forbidden) jsx-runtime.js:4 Refused to connect to 'https://unpkg.com/detect-gpu@5.0.38/dist/benchmarks/d-intel.json' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-inline'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

(anonymous) @ jsx-runtime.js:4 Show 1 more frame Show less jsx-runtime.js:4 Refused to connect to 'https://unpkg.com/detect-gpu@5.0.38/dist/benchmarks/d-intel.json' because it violates the document's Content Security Policy. (anonymous) @ jsx-runtime.js:4 Show 1 more frame Show less api/v1/login:1

   Failed to load resource: the server responded with a status of 401 (Unauthorized)

Possible Solution

Context

logging in into the webapp

idk

Regression

Your Environment

• Version used (minio --version):
• minio version RELEASE.2024-05-10T01-41-38Z (commit-id=b5984027386ec1e55c504d27f42ef40a189cdb55) Runtime: go1.22.3 linux/amd64 License: GNU AGPLv3 - https://www.gnu.org/licenses/agpl-3.0.html Copyright: 2015-2024 MinIO, Inc.
• Server setup and configuration: Linux idk 5.4.0-176-generic minio/minio#196-Ubuntu SMP Fri Mar 22 16:46:39 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux

[prakashsvmx]

could you capture mc admin trace -v -a --funcname "sts.*" <ALIAS>

is there any loadbalancer/proxy setup ?

[pjuarezd]

this is a dependency that is being blocked by the CSP policies, we are going to check it

[japlic]

ummm its not mc

[japlic]

ok

[japlic]

Is there away to fix it

[pjuarezd]

You can fix the Content Security Policy (see Mozilla docs for more info about CSP) by trusting the host https://unpkg.com, this can be done withmc`

mc admin config set ALIAS browser csp_policy="default-src 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self' https://unpkg.com"

Don't forget to restart the service after the config change

mc admin service restart ALIAS

[pjuarezd]

could you capture mc admin trace -v -a --funcname "sts.*" <ALIAS>

is there any loadbalancer/proxy setup ?

@japlic please provide this info @prakashsvmx is asking for, the CSP is not the reason you cannot login

[cesnietor]

Closing due to innactivity, please feel free to open a new one if the issue persists providing the requested information.