Closed
Bug 1387300
Opened 7 years ago
Closed 5 years ago
[PulseGuardian] CSP errors on DuoSec page
Categories
(Webtools :: Pulse, enhancement)
Webtools
Pulse
Tracking
(Not tracked)
RESOLVED
WORKSFORME
People
(Reporter: mcote, Unassigned)
Details
From local testing, I'm getting some CSP errors on the DuoSec page when I choose to log in via LDAP: Content Security Policy: The page’s settings blocked the loading of a resource at self (“default-src https://api-4b043da5.duosecurity.com”). Source: onfocusin attribute on DIV element. Content Security Policy: The page’s settings blocked the loading of a resource at https://pulseguardian-dev.allizom.org:5000/static/fonts/glyphicons-halflings-regular.woff2 (“default-src https://api-4b043da5.duosecurity.com”). Content Security Policy: The page’s settings blocked the loading of a resource at self (“default-src https://api-4b043da5.duosecurity.com”). Source: onfocusin attribute on DIV element. Looks like the first and the third are DuoSec's fault, but the second is odd. I'm not sure why it's trying to load a font after we've been redirected to duosecurity.com. Regardless, these errors don't seem to affect functionality during and after logging in.
Updated•5 years ago
|
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•