Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Content Security Policy (CSP) #27595

Closed
hoang1998lqd opened this issue Oct 16, 2024 · 4 comments
Closed

Content Security Policy (CSP) #27595

hoang1998lqd opened this issue Oct 16, 2024 · 4 comments
Labels
area: triage theme: undefined
Milestone
8.7.2

Comments

@hoang1998lqd
Copy link

hoang1998lqd commented Oct 16, 2024
edited
Loading

I am having trouble configuring Content Security Policy (CSP) at the gateway when not using 'unsafe-eval' 'unsafe-inline' in the configuration.

Using jhipster version 6.10.5, Node version 16.17.0
@mraible
Copy link
Contributor

mraible commented Oct 16, 2024

Can you please explain your issue in more detail? It's really hard to fix a bug if we can't reproduce it.

@hoang1998lqd
Copy link
Author

image

When I configure the content security section as shown in the image, an error appears in Angular as shown below.

image

@OmarHawk
Copy link
Contributor

You are on a super old version. In more recent versions, the amount of issues regarding such CSPs (without unsafe-inline) dropped severely, so I do suggest upgrading your application first to the latest version.

@mshima
Copy link
Member

mshima commented Oct 24, 2024

JHipster 6 is too old. You should upgrade.

@mshima mshima closed this as not planned Won't fix, can't repro, duplicate, stale Oct 24, 2024
@mraible mraible added this to the 8.7.2 milestone Oct 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area: triage theme: undefined
Projects
None yet
Milestone
8.7.2
Development

No branches or pull requests
4 participants
@mraible @mshima @OmarHawk @hoang1998lqd