New lighttpd response headers break device firmware update checks #620

Closed
hobbyquaker opened this issue May 5, 2019 · 1 comment
Labels
🐛 bug-report Something isn't working 🔥 security relevant This is a security relevant issue/ticket 👍 important This is an important issue/ticket with high priority

Comments

@hobbyquaker
Contributor

hobbyquaker commented May 5, 2019

Refused to load the script 'https://ccu3-update.homematic.com:8443/firmware/api/firmware/search/DEVICE?ts=1557084332747' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' *.homematic.com https://gitcdn.xyz ". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

@libertyx82
Contributor

I have a similar problem when accessing the WebUI over a reverse proxy:

Refused to load the script 'https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' *.homematic.com https://gitcdn.xyz ". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

@jens-maus jens-maus added 🐛 bug-report Something isn't working 🔥 security relevant This is a security relevant issue/ticket ❓ undecided No decision to accept or reject ticket yet 👍 important This is an important issue/ticket with high priority labels May 6, 2019
@jens-maus jens-maus added this to the next release milestone May 7, 2019
@jens-maus jens-maus removed the ❓ undecided No decision to accept or reject ticket yet label May 7, 2019
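
Why the first request is refused although `*.homematic.com` is on the allow-list, shown as an added example (not code from this issue or from the project): a simplified CSP host-source matcher run against the policy and the two URLs quoted in the error messages above. `PAGE_ORIGIN` and the `:8443` policy variant are assumptions made for illustration.

```javascript
// Simplified CSP Level 3 host-source matching: scheme, host and port only.
// Paths, redirects, nonces, hashes and default-src fallback are not modelled.
const POLICY = "script-src 'unsafe-inline' 'unsafe-eval' 'self' *.homematic.com https://gitcdn.xyz";
const PAGE_ORIGIN = 'https://ccu.example'; // constructed; the real WebUI origin is not on the page

// An expression scheme of http also admits https (upgrade); otherwise exact match.
const schemeOk = (expr, actual) => expr === actual || (expr === 'http' && actual === 'https');

function matchesSource(expr, url, origin) {
  if (expr === "'self'") return url.origin === origin.origin;
  if (expr.startsWith("'")) return false; // 'unsafe-inline' etc. never match a URL
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?([^/:]+)(?::(\d+|\*))?(?:\/.*)?$/i.exec(expr);
  if (!m) return false;
  const [, scheme, host, port] = m;
  // No scheme in the expression: fall back to the protected page's scheme.
  const exprScheme = (scheme || origin.protocol.slice(0, -1)).toLowerCase();
  if (!schemeOk(exprScheme, url.protocol.slice(0, -1))) return false;
  const h = host.toLowerCase();
  const hostOk = h.startsWith('*.') ? url.hostname.endsWith(h.slice(1)) : url.hostname === h;
  if (!hostOk) return false;
  // No port in the expression: only the scheme's default port matches.
  // URL.port is '' exactly when the URL uses its scheme's default port.
  if (port === undefined) return url.port === '';
  return port === '*' || port === url.port;
}

function scriptAllowed(policy, target, pageOrigin = PAGE_ORIGIN) {
  const directive = policy.split(';').map(d => d.trim().split(/\s+/))
    .find(d => d[0].toLowerCase() === 'script-src');
  if (!directive) return true; // no script-src directive present
  const url = new URL(target);
  const origin = new URL(pageOrigin);
  return directive.slice(1).some(expr => matchesSource(expr, url, origin));
}

// URLs copied from the two console errors in this issue.
const FIRMWARE_URL = 'https://ccu3-update.homematic.com:8443/firmware/api/firmware/search/DEVICE?ts=1557084332747';
const ROCKET_URL = 'https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js';
// Hypothetical variant with an explicit port on the wildcard source (not the project's fix).
const WITH_PORT = POLICY.replace('*.homematic.com', '*.homematic.com:8443');

console.log('firmware check, policy as shipped:', scriptAllowed(POLICY, FIRMWARE_URL));
console.log('firmware check, :8443 variant:    ', scriptAllowed(WITH_PORT, FIRMWARE_URL));
console.log('rocket-loader, policy as shipped: ', scriptAllowed(POLICY, ROCKET_URL));
```

The host wildcard matches `ccu3-update.homematic.com`, but a source without a port only covers the scheme's default port, so the request to port 8443 falls outside it; the Cloudflare script fails on the host instead.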