What was the value? And what in the logs? On Fri, 22 May 2020 at 21:54, Peter Dähn <da...@vcrp.de> wrote:
> Hi Maxim, > > I missed this change... But if I try to change header.csp.image > > this ends up like this... > > > > Greetings Peter > > Am 22.05.20 um 16:43 schrieb Maxim Solodovnik: > > yep > this huge config param was splitted > please check > herehttps://builds.apache.org/view/M-R/view/OpenMeetings/job/openmeetings/site/openmeetings-server/GeneralConfiguration.html > > On Fri, 22 May 2020 at 21:40, Peter Dähn <da...@vcrp.de> <da...@vcrp.de> > wrote: > > > Hi together, > > after latest update of OM to Revision aa09332 I get following error: > > > *Refused to load the image 'https://HOST/portrait' because it violates the > following Content Security Policy directive: "img-src 'self' 'self' data: > data:". * > Changing in csp header config to > > > *default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' > 'unsafe-inline' 'unsafe-eval'; img-src 'self' HOST data:; > X-Content-Type-Options ''; * > and restart om doesn't change this behavior. > > Do I do something wrong or is it a bug? > > Greetings Peter > > > > -- Best regards, Maxim