Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » scout » Image blocked from loading - CSP configuration parameters not taken into account ?
Image blocked from loading - CSP configuration parameters not taken into account ? [message #1810195] Fri, 02 August 2019 18:00 Go to next message
Tore Van Grembergen is currently offline Tore Van GrembergenFriend
Messages: 19
Registered: July 2014
Location: Bassevelde
Junior Member
I have a tablefield created with string column that is configured to show HTML.
The purpose of this approach is to show an image in the column of the table..

public class BarcodeImageURLColumn extends AbstractStringColumn {
	@Override
	protected String getConfiguredHeaderText() {
		return TEXTS.get("Barcode");
	}

	@Override
	protected int getConfiguredWidth() {
		return 100;
	}

	@Override
	protected boolean getConfiguredHtmlEnabled() {
		// TODO Auto-generated method stub
		return true;
	}

}


the row data of that field is filled in as follows

voucherRow.setBarcodeImageURL(HTML.img(voucher.getBarcodeImageURL()).toHtml());


when looking in the HTML, the following code appears to be generated

<div class="table-cell white-space-nowrap halign-left first" style="min-width: 100px; max-width: 100px; "><img src="https://our.file.server/barcodes/voucher/0018/901/270/0018901270187.jpeg"></div>


So normally this should be OK to show the image in the respective column, however it is not shown.

if I copy the above url of the image in the browser, it is nicely shown.

Investigating further I noticed the following in the console log :

2019-08-02 16:48:06,676 WARN  [qtp660143728-17] org.eclipse.scout.rt.ui.html.csp.ContentSecurityPolicyReportHandler.handlePost(ContentSecurityPolicyReportHandler.java:74) - CSP-REPORT: {
  "csp-report": {
    "document-uri": "http:\/\/be0001c4439:8082\/?dl=outline-12600&i=customers",
    "referrer": "",
    "violated-directive": "img-src",
    "effective-directive": "img-src",
    "original-policy": "img-src 'self'; style-src 'self' 'unsafe-inline'; child-src *; default-src 'self'; report-uri csp-report; script-src 'self'; frame-src *",
    "disposition": "enforce",
    "blocked-uri": "https:\/\/rollbase.macintoshfashion.be.lan\/barcodes\/voucher\/0018\/901\/270\/0018901270187.jpeg",
    "status-code": 200,
    "script-sample": ""
  }


as per the documentation on the csp i tried the following in config.properties :

scout.cspDirective[img-src]=*


This should allow all images from external resources. However the error remains the same.

I also tried

scout.cspEnabled=false


Anybody an idea how this can be solved ?

Kind regards

Tore
Re: Image blocked from loading - CSP configuration parameters not taken into account ? [message #1810211 is a reply to message #1810195] Mon, 05 August 2019 05:50 Go to previous messageGo to next message
Patrick Bänziger is currently offline Patrick BänzigerFriend
Messages: 90
Registered: September 2011
Member
Hi Tore

The scout.cspDirective is the correct property, but needs to be set in the UI-application part.
So, you'd need to add the property in the property files for the modules yourproject.ui.html.app.war and yourproject.ui.html.app.dev.

Did you place them there / does it work if you do?
Re: Image blocked from loading - CSP configuration parameters not taken into account ? [message #1810212 is a reply to message #1810211] Mon, 05 August 2019 06:51 Go to previous message
Tore Van Grembergen is currently offline Tore Van GrembergenFriend
Messages: 19
Registered: July 2014
Location: Bassevelde
Junior Member
Dear Patrick,

you guesed it correctly.
I added them wrongly on the server side and not on the UI side.
I now added them on the UI part and it works perfectly.

Thanks for the info.

Kind regards

Tore
Previous Topic:Heatmap click event
Next Topic:embedding a PDF document as an object in the html code
Goto Forum:
  


Current Time: Sun Dec 08 02:47:14 GMT 2019

Powered by FUDForum. Page generated in 0.03255 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top