New Content-Security-Policy prevents External Links from being opened #3452

TheWitness · 2020-04-10T15:03:25Z

Describe the bug

The extremely restrictive new CSP causes External Links to break. Need to allow more permissive policy to allow them to work.

To Reproduce

Install Cacti 1.2.11
Create and External Link to cacti.net
Attempt to Access that link
See in the browsers debugger, that the CSP prevented that

Expected behavior

By default, Cacti should allow External links.

New Content-Security-Policy prevents External Links from Operating

TheWitness added the bug Undesired behaviour label Apr 10, 2020

TheWitness added a commit that referenced this issue Apr 10, 2020

Fixing Issue #3452

dd6c20c

New Content-Security-Policy prevents External Links from Operating

TheWitness added this to the 1.2.12 milestone Apr 10, 2020

TheWitness added the resolved A fixed issue label Apr 10, 2020

TheWitness closed this as completed Apr 20, 2020

netniV added the confirmed Bug is confirm by dev team label Apr 26, 2020

netniV changed the title ~~New Content-Security-Policy prevents External Links from Operating~~ New Content-Security-Policy prevents External Links from being opened May 3, 2020

github-actions bot locked and limited conversation to collaborators Aug 2, 2020

New Content-Security-Policy prevents External Links from being opened #3452

New Content-Security-Policy prevents External Links from being opened #3452

Comments

TheWitness commented Apr 10, 2020

Describe the bug

To Reproduce

Expected behavior