Skip to content

detect items prevented from loading by content security policy #185

Description

@kenirwin

Springshare can change the servers that their content loads from (e.g. librarian images, scheduler scripts, etc.). When a new server gets used , our content security policy will prevent unapproved servers from loading content. What mechanisms can we use to detect and report errors?

Some ideas:

  • can we detect load problems and log them more clearly in the console?
    • is there a way for these errors to be logged and reported to an admin?
  • scan the cache/Librarians.js file for url domains; identify any domains not covered by the csp, including the custom csp additions in default.json (server.csp)
    • this scan could run every time the server starts and report problems to an admin

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions