[Bug 42258] New: CSP OPAC: LibraryThing widget.js blocked
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=42258 Bug ID: 42258 Summary: CSP OPAC: LibraryThing widget.js blocked Initiative type: --- Sponsorship --- status: Product: Koha Version: unspecified Hardware: All OS: All Status: NEW Severity: normal Priority: P5 - low Component: OPAC Assignee: oleonard@myacpl.org Reporter: lari.taskula@hypernova.fi QA Contact: testopia@bugs.koha-community.org To test: 1. Enable preference LibraryThingForLibrariesEnabled 2. Set preference LibraryThingForLibrariesID = 1 3. Have at least one record catalogued 4. Open your browser's developer tools -> Console 5. Navigate to OPAC 6. Search any record and navigate to its details page 7. Observe the following error in your developer tools console Loading the script 'https://ltfl.librarything.com/forlibraries/widget.js?systype=koha&id=1' violates the following Content Security Policy directive: "script-src 'self' 'nonce-4rNHb7Wy5TpA327q_M8g90'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. The action has been blocked. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=42258 --- Comment #1 from Lari Taskula <lari.taskula@hypernova.fi> --- Forgot to add: this Bug assumes your koha-conf has csp_mode enabled -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org