Closed Bug 1377831 Opened 8 years ago Closed 4 years ago

CSP error on Pontoon pages

Categories

(Webtools Graveyard :: Pontoon, defect, P3)

Product:
Webtools Graveyard
Component:
Pontoon
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED MOVED

People

(Reporter: mstanke, Unassigned)

References

(
URL
)

Details

In the browser console I see: Content Security Policy: Nastavení stránky zablokovalo načítání zdroje na self („script-src https://pontoon.mozilla.org 'unsafe-eval' 'sha256-x3niK4UU+vG6EGT2NK2rwi2j/etQodJd840oRpEnqd4=' 'sha256-fDsgbzHC0sNuBdM4W91nXVccgFLwIDkl197QEca/Cl4=' https://ssl.google-analytics.com/ga.js“). Source: onfocusin attribute on DIV element. netmonitor.properties
The same is actually in both project view https://pontoon.mozilla.org/cs/firefox/ and team view https://pontoon.mozilla.org/cs/. It's even duplicated on https://pontoon.mozilla.org/ - probably once for the Pontoon UI a once for the intro.
URL: https://pontoon.mozilla.org/cs/firefo...https://pontoon.mozilla.org/
Summary: CSP error in translation view → CSP error on Pontoon pages
Seems like a jQuery thing. We should check if upgrading the library fixes the issue.
Priority: -- → P3
See Also: → 1336076
*This bug has been moved to GitHub.* *Please check it out on https://github.com/mozilla/pontoon/issues.*
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → MOVED
Product: Webtools → Webtools Graveyard
You need to log in before you can comment on or make changes to this bug.