Description
Description:
The web UI terminal is broken in v1.14.38 due to overly strict Content Security Policy headers. This is a regression of previously fixed issue #9420 (PR #9700).
Environment:
- Version: v1.14.38 (CLI is on v1.14.39, web still broken)
- OS: Windows 11
- Browser: Chrome/Edge (latest)
Error Logs (Browser Console):
Executing inline script violates the following Content Security Policy directive 'script-src 'self' 'wasm-unsafe-eval''
Connecting to 'data:application/wasm;base64,...' violates the following Content Security Policy directive: "connect-src ". Note that '' matches only URLs with network schemes ('http', 'https', 'ws', 'wss'), or URLs whose scheme matches self's scheme. The scheme 'data:' must be added explicitly.
Plugins
No response
OpenCode version
Version: v1.14.38 (CLI is on v1.14.39, web still broken)
Steps to reproduce
- run 'opencode serve'
- Open the web interface in a browser
- Open web terminal
- Terminal fails to load with CSP errors
Screenshot and/or share link
Operating System
Windows 11 23H2
Terminal
No response
Description
Description:
The web UI terminal is broken in v1.14.38 due to overly strict Content Security Policy headers. This is a regression of previously fixed issue #9420 (PR #9700).
Environment:
Error Logs (Browser Console):
Executing inline script violates the following Content Security Policy directive 'script-src 'self' 'wasm-unsafe-eval''
Connecting to 'data:application/wasm;base64,...' violates the following Content Security Policy directive: "connect-src ". Note that '' matches only URLs with network schemes ('http', 'https', 'ws', 'wss'), or URLs whose scheme matches self's scheme. The scheme 'data:' must be added explicitly.
Plugins
No response
OpenCode version
Version: v1.14.38 (CLI is on v1.14.39, web still broken)
Steps to reproduce
Screenshot and/or share link
Operating System
Windows 11 23H2
Terminal
No response