Inscriptions not displayed

[gus4rs]

Some multi layered inscriptions aren't being displayed in my local server. E.g, going to

https://ordinals.com/children/0e383b8af3e7f8767bc9ec0a48fbf837d82b0d537f4dbc7a8853e6828112ea41i0

Shows all the children of the ordinal collection

While going to the same URL in my local server doesn't display any image and doesn't log any error

http://server/children/0e383b8af3e7f8767bc9ec0a48fbf837d82b0d537f4dbc7a8853e6828112ea41i0

I am using version 0.2.0 with full indexing (--index-transactions --index-sats --index-runes)

Any clues on how to troubleshoot the issue?

[raphjaph]

Did you maybe set custom CSP headers?

[gus4rs]

No, I didn't

[raphjaph]

Ok so only recursive inscriptions aren't displayed and every other inscription is?

And there are no errors in the browser console? Not something like 404 or policy errors?

[gus4rs]

Yes, I can see simpler inscriptions, the issue is more complex ones that simply aren't displayed.

The console does print an error:

The Content Security Policy (CSP) prevents the evaluation of arbitrary strings as JavaScript to make it more difficult for an attacker to inject unathorized code on your site.
To solve this issue, avoid using eval(), new Function(), setTimeout([string], ...) and setInterval([string], ...) for evaluating strings.
If you absolutely must: you can enable string evaluation by adding unsafe-eval as an allowed source in a script-src directive

[gus4rs]

Also it prints tons of 404 errors, but so does ordinals.com

[gus4rs]

UPDATE: acessing through localhost works fine. Accessing through the wlan IP 192.168.1.88 fails Do I need a DNS entry? Set any custom header via server command line?

[raphjaph]

Ah okay, I think it's a CSP issue. In order to make recursion work in Safari we had to add CSP headers to scope the permissions of the iframe. By default it will set the headers to the domain you specified and if not specified to the host your listening on so localhost. Could you post the exact command you used to start the server?

[gus4rs]

/usr/local/bin/ord --index-transactions --index-addresses --index-sats --index-runes --index-cache-size 500000000 --data-dir /ordinals/ --bitcoin-rpc-url 127.0.0.1:8332 --bitcoin-rpc-username bitcoin --bitcoin-rpc-password bitcoin server --http-port 1880 --polling-interval 10m

[raphjaph]

Try setting the CSP header to the URL you want it displayed on.

--csp-origin <CSP_ORIGIN>
          Use <CSP_ORIGIN> in Content-Security-Policy header. Set this to the public-facing URL of your ord instance.

[gus4rs]

I am not running ord in a public facing website with domain, but in my local network I tried putting: --csp-origin http://192.168.1.34:81 to no avail.