-
-
Notifications
You must be signed in to change notification settings - Fork 242
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
dsa-webworker can't load scripts if CSP uses nonce #521
Comments
In which app does this happens? Do you use any pipe/combine/minify mechanism? Can you post the complete HTTP header? |
@theCalcaholic can you post the complete header of the html file on which the error occurs? |
I don't have that error anymore, sorry. It was fixed for me in an update to the jsxc, iirc. |
@theCalcaholic thanks for reporting. |
hi. Have same trouble with Nextcloud 12.0.3 Uncaught DOMException: Failed to execute 'importScripts' on 'WorkerGlobalScope': The script at 'https://cloud.ipcd.ru/apps/ojsxc/js/jsxc/lib/otr/vendor/salsa20.js' failed to load. |
This is a known bug and I already opened an issue nextcloud/server#5936. For me it looks like there is no nice fix for this, so we probably have to concatenate the web worker. Btw. pull requests are always welcome. |
thx. very helpful. Now as I see everything works as it should.
2017-11-03 11:24 GMT+03:00 okamzol <notifications@github.com>:
… Hi,
have had the same problem and found a working solution. I played a bit
with policy rules in app.php and ended up with adding my domain as
additional rule for addAllowedScriptDomain.
After line 27 add:
$policy->addAllowedScriptDomain('https://my.domain.tld');
Tested and works with Chrome Version 61.0.3163.100
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#521 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AfguFVDCoc5BZi8xHmt0olyMm9c4HVLJks5sys2vgaJpZM4NQo7d>
.
|
Sadly this doesn't work, because Nextcloud replaces the |
Hope this fix works for you guys. |
I'm running ojsxc 3.1.1 on Nextcloud 11.0.3 which uses a CSP with a random nonce for loading scripts:
This causes a problem for the
dsa-webworker.js
which tries to load external scripts but omits the nonce when doing so:The text was updated successfully, but these errors were encountered: