I have a plugin who access Goolmap or openstreetmap, and now it's blocked by content security.
Can you help me to know how/where I can add a directive like that:
"content_security_policy": "script-src 'self' https://maps.googleapis.com https://maps.gstatic.com; object-src 'self'"
Since with all included yode of cacti I can't find where to do that.
thanks for your help
content_security_policy block access
Moderators: Developers, Moderators
content_security_policy block access
Test
Almalinux
php 8.2.14
mariadb 10.6.16
Cacti 1.2.27
Spine 1.2.27
RRD 1.7.2
thold 1.8
monitor 2.5
syslog 3.2
flowview: 3.3
weathermap 1.0 Beta
Almalinux
php 8.2.14
mariadb 10.6.16
Cacti 1.2.27
Spine 1.2.27
RRD 1.7.2
thold 1.8
monitor 2.5
syslog 3.2
flowview: 3.3
weathermap 1.0 Beta
Re: content_security_policy block access
It's a header that is exported I believe using the header() functionality of php.
Cacti Developer & Release Manager
The Cacti Group
Director
BV IT Solutions Ltd
+--------------------------------------------------------------------------+
Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation
The Cacti Group
Director
BV IT Solutions Ltd
+--------------------------------------------------------------------------+
Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation
Re: content_security_policy block access
I think you should log this on GitHub.com in the cacti issue list.
Before history, there was a paradise, now dust.
Re: content_security_policy block access
The solution was to add the following few line to the httpd configuration of the cacti virtual server:
<IfModule mod_headers.c>
Header set Content-Security-Policy "default-src * 'self' style-src 'unsafe-inline' img-src 'self' data:"
</IfModule>
That solve the issue, so not sure it's a cacti thing!
<IfModule mod_headers.c>
Header set Content-Security-Policy "default-src * 'self' style-src 'unsafe-inline' img-src 'self' data:"
</IfModule>
That solve the issue, so not sure it's a cacti thing!
Test
Almalinux
php 8.2.14
mariadb 10.6.16
Cacti 1.2.27
Spine 1.2.27
RRD 1.7.2
thold 1.8
monitor 2.5
syslog 3.2
flowview: 3.3
weathermap 1.0 Beta
Almalinux
php 8.2.14
mariadb 10.6.16
Cacti 1.2.27
Spine 1.2.27
RRD 1.7.2
thold 1.8
monitor 2.5
syslog 3.2
flowview: 3.3
weathermap 1.0 Beta
- TheWitness
- Developer
- Posts: 17047
- Joined: Tue May 14, 2002 5:08 pm
- Location: MI, USA
- Contact:
Re: content_security_policy block access
The current content security policy will not allow that. However, you can open a bug request on the Cacti web site to allow the Admin to add a list of allowed offsite domains that can access content. This was done for security reasons.
True understanding begins only when we realize how little we truly understand...
Life is an adventure, let yours begin with Cacti!
Author of dozens of Cacti plugins and customization's. Advocate of LAMP, MariaDB, IBM Spectrum LSF and the world of batch. Creator of IBM Spectrum RTM, author of quite a bit of unpublished work and most of Cacti's bugs.
_________________
Official Cacti Documentation
GitHub Repository with Supported Plugins
Percona Device Packages (no support)
Interesting Device Packages
For those wondering, I'm still here, but lost in the shadows. Yearning for less bugs. Who want's a Cacti 1.3/2.0? Streams anyone?
Life is an adventure, let yours begin with Cacti!
Author of dozens of Cacti plugins and customization's. Advocate of LAMP, MariaDB, IBM Spectrum LSF and the world of batch. Creator of IBM Spectrum RTM, author of quite a bit of unpublished work and most of Cacti's bugs.
_________________
Official Cacti Documentation
GitHub Repository with Supported Plugins
Percona Device Packages (no support)
Interesting Device Packages
For those wondering, I'm still here, but lost in the shadows. Yearning for less bugs. Who want's a Cacti 1.3/2.0? Streams anyone?
- TheWitness
- Developer
- Posts: 17047
- Joined: Tue May 14, 2002 5:08 pm
- Location: MI, USA
- Contact:
Re: content_security_policy block access
I logged this one: https://github.com/Cacti/cacti/issues/3336
True understanding begins only when we realize how little we truly understand...
Life is an adventure, let yours begin with Cacti!
Author of dozens of Cacti plugins and customization's. Advocate of LAMP, MariaDB, IBM Spectrum LSF and the world of batch. Creator of IBM Spectrum RTM, author of quite a bit of unpublished work and most of Cacti's bugs.
_________________
Official Cacti Documentation
GitHub Repository with Supported Plugins
Percona Device Packages (no support)
Interesting Device Packages
For those wondering, I'm still here, but lost in the shadows. Yearning for less bugs. Who want's a Cacti 1.3/2.0? Streams anyone?
Life is an adventure, let yours begin with Cacti!
Author of dozens of Cacti plugins and customization's. Advocate of LAMP, MariaDB, IBM Spectrum LSF and the world of batch. Creator of IBM Spectrum RTM, author of quite a bit of unpublished work and most of Cacti's bugs.
_________________
Official Cacti Documentation
GitHub Repository with Supported Plugins
Percona Device Packages (no support)
Interesting Device Packages
For those wondering, I'm still here, but lost in the shadows. Yearning for less bugs. Who want's a Cacti 1.3/2.0? Streams anyone?
Who is online
Users browsing this forum: No registered users and 3 guests