[
https://issues.apache.org/jira/browse/AMQ-9739?focusedWorklogId=974385&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-974385
]
ASF GitHub Bot logged work on AMQ-9739:
---------------------------------------
Author: ASF GitHub Bot
Created on: 11/Jul/25 19:51
Start Date: 11/Jul/25 19:51
Worklog Time Spent: 10m
Work Description: sergio-d-lemos opened a new pull request, #1472:
URL: https://github.com/apache/activemq/pull/1472
This change fixes an issue unintentionally introduced by a previous commit
where I added the Content-Security-Policy HTTP header to the Web Console
application. The "upgrade-insecure-requests" tells the browser to automatically
upgrade HTTP requests to HTTPS, which ends up breaking the assets loading in
some browsers when running the Web Console with HTTP only.
I tested by browsing all the Web Console tabs in Chrome and Safari.
Issue Time Tracking
-------------------
Worklog Id: (was: 974385)
Time Spent: 20m (was: 10m)
> Web Console assets fail to load when not using HTTPS
> ----------------------------------------------------
>
> Key: AMQ-9739
> URL: https://issues.apache.org/jira/browse/AMQ-9739
> Project: ActiveMQ Classic
> Issue Type: Bug
> Components: Web Console
> Affects Versions: 6.1.7
> Reporter: Sérgio Lemos
> Priority: Major
> Time Spent: 20m
> Remaining Estimate: 0h
>
> As part of the changes in https://issues.apache.org/jira/browse/AMQ-9697 I
> added "upgrade-insecure-requests" to the Content-Security-Policy header. This
> policy caused CSS and images to fail to load when not running the Web Console
> over HTTPS.
>
> When using the Safari browser, the console shows the errors:
> "[Error] Failed to load resource: An SSL error has occurred and a secure
> connection to the server cannot be made. (head.css, line 0)
> [Error] Failed to load resource: An SSL error has occurred and a secure
> connection to the server cannot be made. (common.js, line 0)
> [Error] Failed to load resource: An SSL error has occurred and a secure
> connection to the server cannot be made. (css.js, line 0)
> [Error] Failed to load resource: An SSL error has occurred and a secure
> connection to the server cannot be made. (standardista-table-sorting.js, line
> 0)
> [Error] Failed to load resource: An SSL error has occurred and a secure
> connection to the server cannot be made. (prettify.js, line 0)
> [Error] Failed to load resource: An SSL error has occurred and a secure
> connection to the server cannot be made. (head.js, line 0)"
>
> Apparently Chrome is able to handle it correcly.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
