Opening a local website on my synology

vletroye / Mods

Mods can be used to Create or Open/Edit and Generate packages for Synology

Microsoft Public License

86 stars 10 forks source link

Opening a local website on my synology #4

Closed vanlooverenkoen closed 6 years ago

vanlooverenkoen commented 6 years ago

I get this error when I created a package that opens a WebApp and navigates to the correct ip. ERROR Refused to frame 'http://192.168.2.3:5004/' because it violates the following Content Security Policy directive: "frame-src 'self' data: blob: https://*.synology.com https://www.synology.cn/ https://www.youtube.com http://www.youtube.com *.youtube.com http://*.synology.com http://*.synology.cn".

HMTL

<!DOCTYPE html>
<html>
<head>
<title>WebApp</title>
</head>
<body>
    <script>
        location.href = "http://192.168.2.3:5004";
    </script>
</body>
</html>

vanlooverenkoen commented 6 years ago

Maybe an extra option need to be. Open a uri in a WebApp.

vletroye commented 6 years ago

Unfortunately, This is not permitted... I already tried to get some support (also from Synology) to find how to authorize the opening of an url in a DSM window... But nobody provided me an answer... (See https://forum.synology.com/enu/viewtopic.php?t=121672)

More concretely: I don't know where is configured the Content Security Policy directive and how to change it. This is a security feature and it's for sure not safe to disable it (you can do it if you want). But as far as I am concerned, I would prefer to find a way to authorize my URLs, one by one.

vletroye commented 6 years ago

For those who would be ok with disabling the Security option "Improve security with HTTP Content Security Policy (CSP) header", I have released an option to "embbed" urls in a DSM window too. It means also that now, on the opposite, scripts and WebApp can be opened in a new tab/window...