Actions
Bug #101887
closed
Javascript error for each module visited on the backend
Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2023-09-09
Due date:
% Done:
0%
Estimated time:
TYPO3 Version:
13
PHP Version:
8.1
Tags:
Complexity:
Is Regression:
Sprint Focus:
Description
This issue happens with the latest main (installed using ddev - IDK if it is relevant)
Each time I visit a module on the backend (e.g. the Content Security Policy Module) on the browser console I get the error:
VM9:1 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'nonce-njXWnHjVkLpJzYp0l_dWk-RatlLO4_jfi7U6It22KtiRn8h7T5PKIg' 'report-sample'". Either the 'unsafe-inline' keyword, a hash ('sha256-FDyPg8CqqIpPAfGVKx1YeKduyLs0ghNYWII21wL+7HM='), or a nonce ('nonce-...') is required to enable inline execution.
The Content Security Policy Module writes an entry for each of these, like:
Details
Directive / Disposition
script-src-elem / enforce
Document URI
https://typo3.main.it.ddev.site:8443/typo3/module/tools/csp (1:311)
Blocked URI
inline
Sample
;(function r(e,t=!1){const o="6.0";let i
User Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
UUID
2ff45b8c-08ec-4d09-8bec-90f8eedf3670
Summary
7110e80b7a9ecff8dc82e8241d4ef774d3cc36cf
Updated by 
Updated by
Actions