Open ConsoleCatzirl opened 2 weeks ago
This plugin has recently (sometime in the past month) stopped receiving an access key from STS for me, with the following error in my chrome console log:
/console/home?region=us-east-1#:1 Refused to connect to 'data:text/plain;base64,Cg==' because it violates the following Content Security Policy directive: "connect-src https://us-east-1.console.aws.amazon.com/console/tb/creds https://*.ccs.amazonaws.com https://*.concierge.analytics.console.aws.a2z.com https://*.console.aws.amazon.com/api-proxy/ https://*.console.aws.amazon.com/api/ https://*.ctrl.prod.os.notifications.aws.dev https://cell-0.us-east-1.prod.telemetry.console.api.aws https://console.aws.amazon.com/aperture/ https://console.aws.amazon.com/cct/nav/private-beta https://console.aws.amazon.com/features-proxy/ https://console.aws.amazon.com/p/pref/ https://console.aws.amazon.com/panoramaroute https://fileupload.aperture-api.analytics.console.aws.a2z.com https://global.console.aws.amazon.com/lotus/metadata https://global.semantic.unifiedsearch.console.api.aws https://global.unifiedsearch.console.api.aws/search https://health.aws.amazon.com https://phd.aws.amazon.com https://presignedurl.aperture-api.analytics.console.aws.a2z.com https://prod.log.shortbread.analytics.console.aws.a2z.com https://prod.tools.shortbread.analytics.console.aws.a2z.com https://semantic.unifiedsearch.amazonaws.com https://telemetry.cell-0.us-east-1.prod.tangerinebox.console.aws.a2z.com https://unifiedsearch.amazonaws.com/search https://us-east-1.console.aws.amazon.com/cct/nav/private-beta https://us-east-1.console.aws.amazon.com/features-proxy/ https://us-east-1.console.aws.amazon.com/feedback/custsat/ https://us-east-1.console.aws.amazon.com/lotus/metadata https://us-east-1.console.aws.amazon.com/p/pref/ https://us-east-1.console.aws.amazon.com/panoramaroute https://us-east-1.prod.pl.analytics.console.aws.a2z.com https://us-east-1.prod.pl.panorama.console.api.aws https://us-east-1.prod.pr.analytics.console.aws.a2z.com https://us-east-1.prod.pr.panorama.console.api.aws https://us-east-1.console.aws.amazon.com/p/log/ https://telemetry.cell-0.us-east-1.prod.tangerinebox.console.aws.a2z.com/telemetry https://api.us-east-1.prod.tangerinebox.console.aws.a2z.com https://global.help-panel.docs.aws.a2z.com https://ec2.us-east-1.amazonaws.com https://us-east-1.awsc-integ.aws.amazon.com/api-proxy/ https://us-west-2.awsc-integ.aws.amazon.com/api-proxy/ https://aws.amazon.com/csds/data/ https://target.aws.amazon.com/placements/ https://aws.amazon.com/token/jwt https://aws.amazon.com/csds/v2/metrics https://servicecatalog-appregistry.eu-north-1.amazonaws.com https://servicecatalog-appregistry.me-south-1.amazonaws.com https://servicecatalog-appregistry.ap-south-1.amazonaws.com https://servicecatalog-appregistry.eu-west-3.amazonaws.com https://servicecatalog-appregistry.ap-southeast-3.amazonaws.com https://servicecatalog-appregistry.us-east-2.amazonaws.com https://servicecatalog-appregistry.af-south-1.amazonaws.com https://servicecatalog-appregistry.eu-west-1.amazonaws.com https://servicecatalog-appregistry.me-central-1.amazonaws.com https://servicecatalog-appregistry.eu-central-1.amazonaws.com https://servicecatalog-appregistry.sa-east-1.amazonaws.com https://servicecatalog-appregistry.ap-east-1.amazonaws.com https://servicecatalog-appregistry.ap-south-2.amazonaws.com https://servicecatalog-appregistry.us-east-1.amazonaws.com https://servicecatalog-appregistry.ap-northeast-2.amazonaws.com https://servicecatalog-appregistry.ap-northeast-3.amazonaws.com https://servicecatalog-appregistry.eu-west-2.amazonaws.com https://servicecatalog-appregistry.ap-southeast-4.amazonaws.com https://servicecatalog-appregistry.eu-south-1.amazonaws.com https://servicecatalog-appregistry.ap-northeast-1.amazonaws.com https://servicecatalog-appregistry.us-west-2.amazonaws.com https://servicecatalog-appregistry.us-west-1.amazonaws.com https://servicecatalog-appregistry.ap-southeast-1.amazonaws.com https://servicecatalog-appregistry.ap-southeast-2.amazonaws.com https://servicecatalog-appregistry.il-central-1.amazonaws.com https://servicecatalog-appregistry.ca-central-1.amazonaws.com https://servicecatalog-appregistry.ca-west-1.amazonaws.com https://servicecatalog-appregistry.eu-south-2.amazonaws.com https://servicecatalog-appregistry.eu-central-2.amazonaws.com https://latency-test.beta.dp.public.lotus.awt.aws.a2z.com/ https://cf-latency-test.beta.public.lotus.awt.aws.a2z.com/ https://*.prod.console.frontend.nle.ux.aws.dev https://us-east-1.console-api.aws.amazon.com/proxycheck https://securityhub.af-south-1.amazonaws.com/insights/adhoc https://securityhub.ap-east-1.amazonaws.com/insights/adhoc https://securityhub.ap-northeast-1.amazonaws.com/insights/adhoc https://securityhub.ap-northeast-2.amazonaws.com/insights/adhoc https://securityhub.ap-northeast-3.amazonaws.com/insights/adhoc https://securityhub.ap-south-1.amazonaws.com/insights/adhoc https://securityhub.ap-south-2.amazonaws.com/insights/adhoc https://securityhub.ap-southeast-1.amazonaws.com/insights/adhoc https://securityhub.ap-southeast-2.amazonaws.com/insights/adhoc https://securityhub.ap-southeast-3.amazonaws.com/insights/adhoc https://securityhub.ap-southeast-4.amazonaws.com/insights/adhoc https://securityhub.ap-southeast-5.amazonaws.com/insights/adhoc https://securityhub.ca-central-1.amazonaws.com/insights/adhoc https://securityhub.ca-west-1.amazonaws.com/insights/adhoc https://securityhub.eu-central-1.amazonaws.com/insights/adhoc https://securityhub.eu-central-2.amazonaws.com/insights/adhoc https://securityhub.eu-north-1.amazonaws.com/insights/adhoc https://securityhub.eu-south-1.amazonaws.com/insights/adhoc https://securityhub.eu-south-2.amazonaws.com/insights/adhoc https://securityhub.eu-west-1.amazonaws.com/insights/adhoc https://securityhub.eu-west-2.amazonaws.com/insights/adhoc https://securityhub.eu-west-3.amazonaws.com/insights/adhoc https://securityhub.il-central-1.amazonaws.com/insights/adhoc https://securityhub.me-central-1.amazonaws.com/insights/adhoc https://securityhub.me-south-1.amazonaws.com/insights/adhoc https://securityhub.sa-east-1.amazonaws.com/insights/adhoc https://securityhub.us-east-1.amazonaws.com/insights/adhoc https://securityhub.us-east-2.amazonaws.com/insights/adhoc https://securityhub.us-west-1.amazonaws.com/insights/adhoc https://securityhub.us-west-2.amazonaws.com/insights/adhoc https://doc-help-panel-test.aka.corp.amazon.com https://us.help-panel.docs.aws.a2z.com https://i-ec2-shiba-prod.iad.amazon.com https://ssm-explorer.us-east-1.amazonaws.com https://ce.us-east-1.amazonaws.com https://health.us-east-1.amazonaws.com https://health.us-east-2.amazonaws.com https://ram.us-east-1.amazonaws.com https://sts.us-east-1.amazonaws.com https://ssm.us-east-1.amazonaws.com https://securityhub.us-east-1.amazonaws.com https://tagging.us-east-1.amazonaws.com https://autoscaling.us-east-1.amazonaws.com https://monitoring.us-east-1.amazonaws.com https://lambda.us-east-1.amazonaws.com https://elasticloadbalancing.us-east-1.amazonaws.com https://resource-groups.us-east-1.amazonaws.com https://synthetics.us-east-1.amazonaws.com https://compute-optimizer.us-east-1.amazonaws.com https://servicecatalog.us-east-1.amazonaws.com https://config.us-east-1.amazonaws.com https://iam.amazonaws.com https://support.us-east-1.amazonaws.com/ https://xqgoa1uunl.execute-api.us-west-2.amazonaws.com https://anyjcaraak.execute-api.us-east-1.amazonaws.com https://*.prod.p13n.console.aws.dev https://macie2.us-east-1.amazonaws.com https://application-signals.us-east-1.api.aws https://cost-optimization-hub.us-east-1.amazonaws.com https://a.b.cdn.console.awsstatic.com".
It looks like AWS has implemented a Content-Security-Policy header that prevents scripts from accessing the AWS STS API.
This plugin has recently (sometime in the past month) stopped receiving an access key from STS for me, with the following error in my chrome console log:
/console/home?region=us-east-1#:1 Refused to connect to 'data:text/plain;base64,Cg==' because it violates the following Content Security Policy directive: "connect-src https://us-east-1.console.aws.amazon.com/console/tb/creds https://*.ccs.amazonaws.com https://*.concierge.analytics.console.aws.a2z.com https://*.console.aws.amazon.com/api-proxy/ https://*.console.aws.amazon.com/api/ https://*.ctrl.prod.os.notifications.aws.dev https://cell-0.us-east-1.prod.telemetry.console.api.aws https://console.aws.amazon.com/aperture/ https://console.aws.amazon.com/cct/nav/private-beta https://console.aws.amazon.com/features-proxy/ https://console.aws.amazon.com/p/pref/ https://console.aws.amazon.com/panoramaroute https://fileupload.aperture-api.analytics.console.aws.a2z.com https://global.console.aws.amazon.com/lotus/metadata https://global.semantic.unifiedsearch.console.api.aws https://global.unifiedsearch.console.api.aws/search https://health.aws.amazon.com https://phd.aws.amazon.com https://presignedurl.aperture-api.analytics.console.aws.a2z.com https://prod.log.shortbread.analytics.console.aws.a2z.com https://prod.tools.shortbread.analytics.console.aws.a2z.com https://semantic.unifiedsearch.amazonaws.com https://telemetry.cell-0.us-east-1.prod.tangerinebox.console.aws.a2z.com https://unifiedsearch.amazonaws.com/search https://us-east-1.console.aws.amazon.com/cct/nav/private-beta https://us-east-1.console.aws.amazon.com/features-proxy/ https://us-east-1.console.aws.amazon.com/feedback/custsat/ https://us-east-1.console.aws.amazon.com/lotus/metadata https://us-east-1.console.aws.amazon.com/p/pref/ https://us-east-1.console.aws.amazon.com/panoramaroute https://us-east-1.prod.pl.analytics.console.aws.a2z.com https://us-east-1.prod.pl.panorama.console.api.aws https://us-east-1.prod.pr.analytics.console.aws.a2z.com https://us-east-1.prod.pr.panorama.console.api.aws https://us-east-1.console.aws.amazon.com/p/log/ https://telemetry.cell-0.us-east-1.prod.tangerinebox.console.aws.a2z.com/telemetry https://api.us-east-1.prod.tangerinebox.console.aws.a2z.com https://global.help-panel.docs.aws.a2z.com https://ec2.us-east-1.amazonaws.com https://us-east-1.awsc-integ.aws.amazon.com/api-proxy/ https://us-west-2.awsc-integ.aws.amazon.com/api-proxy/ https://aws.amazon.com/csds/data/ https://target.aws.amazon.com/placements/ https://aws.amazon.com/token/jwt https://aws.amazon.com/csds/v2/metrics https://servicecatalog-appregistry.eu-north-1.amazonaws.com https://servicecatalog-appregistry.me-south-1.amazonaws.com https://servicecatalog-appregistry.ap-south-1.amazonaws.com https://servicecatalog-appregistry.eu-west-3.amazonaws.com https://servicecatalog-appregistry.ap-southeast-3.amazonaws.com https://servicecatalog-appregistry.us-east-2.amazonaws.com https://servicecatalog-appregistry.af-south-1.amazonaws.com https://servicecatalog-appregistry.eu-west-1.amazonaws.com https://servicecatalog-appregistry.me-central-1.amazonaws.com https://servicecatalog-appregistry.eu-central-1.amazonaws.com https://servicecatalog-appregistry.sa-east-1.amazonaws.com https://servicecatalog-appregistry.ap-east-1.amazonaws.com https://servicecatalog-appregistry.ap-south-2.amazonaws.com https://servicecatalog-appregistry.us-east-1.amazonaws.com https://servicecatalog-appregistry.ap-northeast-2.amazonaws.com https://servicecatalog-appregistry.ap-northeast-3.amazonaws.com https://servicecatalog-appregistry.eu-west-2.amazonaws.com https://servicecatalog-appregistry.ap-southeast-4.amazonaws.com https://servicecatalog-appregistry.eu-south-1.amazonaws.com https://servicecatalog-appregistry.ap-northeast-1.amazonaws.com https://servicecatalog-appregistry.us-west-2.amazonaws.com https://servicecatalog-appregistry.us-west-1.amazonaws.com https://servicecatalog-appregistry.ap-southeast-1.amazonaws.com https://servicecatalog-appregistry.ap-southeast-2.amazonaws.com https://servicecatalog-appregistry.il-central-1.amazonaws.com https://servicecatalog-appregistry.ca-central-1.amazonaws.com https://servicecatalog-appregistry.ca-west-1.amazonaws.com https://servicecatalog-appregistry.eu-south-2.amazonaws.com https://servicecatalog-appregistry.eu-central-2.amazonaws.com https://latency-test.beta.dp.public.lotus.awt.aws.a2z.com/ https://cf-latency-test.beta.public.lotus.awt.aws.a2z.com/ https://*.prod.console.frontend.nle.ux.aws.dev https://us-east-1.console-api.aws.amazon.com/proxycheck https://securityhub.af-south-1.amazonaws.com/insights/adhoc https://securityhub.ap-east-1.amazonaws.com/insights/adhoc https://securityhub.ap-northeast-1.amazonaws.com/insights/adhoc https://securityhub.ap-northeast-2.amazonaws.com/insights/adhoc https://securityhub.ap-northeast-3.amazonaws.com/insights/adhoc https://securityhub.ap-south-1.amazonaws.com/insights/adhoc https://securityhub.ap-south-2.amazonaws.com/insights/adhoc https://securityhub.ap-southeast-1.amazonaws.com/insights/adhoc https://securityhub.ap-southeast-2.amazonaws.com/insights/adhoc https://securityhub.ap-southeast-3.amazonaws.com/insights/adhoc https://securityhub.ap-southeast-4.amazonaws.com/insights/adhoc https://securityhub.ap-southeast-5.amazonaws.com/insights/adhoc https://securityhub.ca-central-1.amazonaws.com/insights/adhoc https://securityhub.ca-west-1.amazonaws.com/insights/adhoc https://securityhub.eu-central-1.amazonaws.com/insights/adhoc https://securityhub.eu-central-2.amazonaws.com/insights/adhoc https://securityhub.eu-north-1.amazonaws.com/insights/adhoc https://securityhub.eu-south-1.amazonaws.com/insights/adhoc https://securityhub.eu-south-2.amazonaws.com/insights/adhoc https://securityhub.eu-west-1.amazonaws.com/insights/adhoc https://securityhub.eu-west-2.amazonaws.com/insights/adhoc https://securityhub.eu-west-3.amazonaws.com/insights/adhoc https://securityhub.il-central-1.amazonaws.com/insights/adhoc https://securityhub.me-central-1.amazonaws.com/insights/adhoc https://securityhub.me-south-1.amazonaws.com/insights/adhoc https://securityhub.sa-east-1.amazonaws.com/insights/adhoc https://securityhub.us-east-1.amazonaws.com/insights/adhoc https://securityhub.us-east-2.amazonaws.com/insights/adhoc https://securityhub.us-west-1.amazonaws.com/insights/adhoc https://securityhub.us-west-2.amazonaws.com/insights/adhoc https://doc-help-panel-test.aka.corp.amazon.com https://us.help-panel.docs.aws.a2z.com https://i-ec2-shiba-prod.iad.amazon.com https://ssm-explorer.us-east-1.amazonaws.com https://ce.us-east-1.amazonaws.com https://health.us-east-1.amazonaws.com https://health.us-east-2.amazonaws.com https://ram.us-east-1.amazonaws.com https://sts.us-east-1.amazonaws.com https://ssm.us-east-1.amazonaws.com https://securityhub.us-east-1.amazonaws.com https://tagging.us-east-1.amazonaws.com https://autoscaling.us-east-1.amazonaws.com https://monitoring.us-east-1.amazonaws.com https://lambda.us-east-1.amazonaws.com https://elasticloadbalancing.us-east-1.amazonaws.com https://resource-groups.us-east-1.amazonaws.com https://synthetics.us-east-1.amazonaws.com https://compute-optimizer.us-east-1.amazonaws.com https://servicecatalog.us-east-1.amazonaws.com https://config.us-east-1.amazonaws.com https://iam.amazonaws.com https://support.us-east-1.amazonaws.com/ https://xqgoa1uunl.execute-api.us-west-2.amazonaws.com https://anyjcaraak.execute-api.us-east-1.amazonaws.com https://*.prod.p13n.console.aws.dev https://macie2.us-east-1.amazonaws.com https://application-signals.us-east-1.api.aws https://cost-optimization-hub.us-east-1.amazonaws.com https://a.b.cdn.console.awsstatic.com".
It looks like AWS has implemented a Content-Security-Policy header that prevents scripts from accessing the AWS STS API.