search

puppetlabs / forge_issues

This repository will allow public community members to file bug reports against the Puppet Forge
Creative Commons Zero v1.0 Universal
1 stars 0 forks source link

[Bug]: content security policy doesn't allow www.puppetmodule.info #33

Closed bastelfreak closed 4 months ago

bastelfreak commented 5 months ago

What happened?

www.puppetmodule.info indexes modules, same as rubydoc.info. www.puppetmodule.info is operated by Vox Pupuli. We also have a badge: http://www.puppetmodule.info/images/svg

The content security policy on the forge doesn't allow the site:

Refused to load the image 'https://www.puppetmodule.info/images/badge.png' because it violates the following Content Security Policy directive: "img-src 'self' data: gravatar.com travis-ci.org .travis-ci.org .travis-ci.com cdn.redoc.ly img.shields.io coveralls.io cdn.cookielaw.org github.com .trendemon.com .google.com .6sc.co .6sc.com .google-analytics.com .googletagmanager.com".

As example: https://forge.puppet.com/modules/puppet/bolt/readme

What browsers / clients are you seeing the problem on?

Firefox, Chrome, Safari, Microsoft Edge

Relevant log output

No response

github-actions[bot] commented 4 months ago

Migrated issue to PF-3429

rajat-puppet commented 4 months ago

@bastelfreak Team has pushed the requested URL on img-src allow list. Can you please verify?

bastelfreak commented 4 months ago

thanks, it seems to work again!