-
Notifications
You must be signed in to change notification settings - Fork 2.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dropdown not working in Gradio app when served through Nginx with security headers #7775
Open
1 task done
Comments
abidlabs
added
the
cloud
Issues that only happen when deploying Gradio on cloud services
label
Mar 21, 2024
@llmwesee do you see any errors in the console logs? |
@abidlabs I have replicated the same error with latest gradio version: 4.22.0
I have used simple boilerplate dropdown with gradio, I simply just want to use this app with csp headers on, specifically script-src and style-src with self .Plz tell me feasible solution |
@abidlabs Is there something more you need for this issue? |
Looking into it! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
When serving a Gradio app through Nginx with security headers configured, the dropdown feature within the app becomes unresponsive and stuck. This issue persists despite providing a nonce in the headers.
My Nginix config
we have gradio app we have nginx file and dropdown is ont working
nginx header:
we cant remnove header , because its for securtyy purpose i.e csp headres and many others issues
when we run this porject droipdwon feature not working it get stucked.But without nginx configs it work perfectly fine
we provided nonce but its not working
nonce is working in script tag but not in javascript functions
Steps to Reproduce
Set up Nginx server with the provided configuration file.
Serve the Gradio app through this Nginx server.
Access the Gradio app and attempt to use the dropdown feature.
Expected Behavior
The dropdown feature should work smoothly without any issues when served through Nginx with the provided security headers.
Actual Behavior
The dropdown feature becomes unresponsive and stuck when served through Nginx with the provided security headers.
Additional Context
The provided Nginx configuration file includes various security headers (such as CSP, HSTS, etc.) for security purposes, which cannot be removed.
Nonce has been provided in the headers, and it's functioning correctly in script tags but not in JavaScript functions.
Have you searched existing issues? 🔎
Reproduction
we cant remnove header , because its for securtyy purpose i.e csp headres and many others issues
when we run this porject droipdwon feature not working it get stucked.But without nginx configs it work perfectly fine
we provided nonce but its not working
nonce is working in script tag but not in javascript functions
Severity
I can work around it
The text was updated successfully, but these errors were encountered: