Closed Bug 1738087 Opened 3 years ago Closed 3 years ago

[eliot] csp error blocks script/css loading

Categories

(Eliot :: General, defect, P2)

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: willkg, Assigned: willkg)

Details

Both stage and prod Eliot are kicking up CORS errors when loading scripts and css:

Content Security Policy: The page’s settings blocked the loading of a resource at https://symbolication.stage.mozaws.net/static/tailwindcss/tailwind.2.2.16.min.css (“default-src”).

The HTTP headers for / are this:

Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; report-uri /__cspreport__

Need to fix that so that the resources load.

I'm all confused. This is a CSP problem which is a header getting set in nginx. I'll fix that in the deploy configuration.

Summary: [eliot] cors error blocks script/css loading → [eliot] csp error blocks script/css loading

This got deployed to production in the last push. We're all set now.

Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED

Moving to Eliot product.

Component: Symbolication → General
Product: Tecken → Eliot
You need to log in before you can comment on or make changes to this bug.