You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When enabling CSP, the following issue is reported:
Content-Security-Policy: The page’s settings observed the loading of a resource at inline (“script-src-attr”). A CSP report is being sent.
Disabling report-only mode breaks the page.
Steps to reproduce
Install latest peertube 6.0.2
Enable CSP
Open the website and observe above error message
Describe the expected behavior
Enabling CSP should not break functionality. A script-src-attr policy should be added to achieve this, most likely it will need to allow "unsafe-inline".
Additional information
PeerTube instance:
Version: 6.0.2
NodeJS version: v21.5.0
Browser name, version and platforms on which you could reproduce the bug: Current Firefox and Chrome versions in Ubuntu
The text was updated successfully, but these errors were encountered:
Describe the current behavior
When enabling CSP, the following issue is reported:
Content-Security-Policy: The page’s settings observed the loading of a resource at inline (“script-src-attr”). A CSP report is being sent.
Disabling report-only mode breaks the page.
Steps to reproduce
Describe the expected behavior
Enabling CSP should not break functionality. A script-src-attr policy should be added to achieve this, most likely it will need to allow "unsafe-inline".
Additional information
PeerTube instance:
Browser name, version and platforms on which you could reproduce the bug: Current Firefox and Chrome versions in Ubuntu
The text was updated successfully, but these errors were encountered: