Uploaded image for project: 'Hue (READ ONLY)'
  1. Hue (READ ONLY)
  2. HUE-4455

[security] secure_content_security_policy breaks the editor and GA

          Details

          • Type: Bug
          • Status: Resolved
          • Priority: Critical
          • Resolution: Fixed
          • Affects Version/s: 3.10.0
          • Fix Version/s: 3.11.0
          • Component/s: core.api
          • Labels:
            None
          • Environment:

            Chrome on Ubuntu

            Description

            Refused to load the image 'https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-40351920-1&cid=1231153602.1465251741&jid=646081561&_v=j44&z=786001453' because it violates the following Content Security Policy directive: "img-src 'self' www.google-analytics.com".

            also the editor
            https://www.dropbox.com/s/u5kses7i35z3yu2/Screenshot%202016-07-28%2016.59.48.jpg?dl=0

              Attachments

                Issue Links

                depends on

                Bug - A problem which impairs or prevents the functions of the product. HUE-4372 [core] Missing some security related response headers

                • Major - Major loss of function.
                • Resolved

                  Activity

                    People

                    • Assignee:
                      ranade Prakash
                      Reporter:
                      aaronpeddle Aaron Peddle
                    • Votes:
                      0 Vote for this issue
                      Watchers:
                      3 Start watching this issue

                      Dates

                      • Created:
                        Updated:
                        Resolved: