Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Eclipse Scout » Image blocked from loading - CSP configuration parameters not taken into account ?
Image blocked from loading - CSP configuration parameters not taken into account ? [message #1810195] Fri, 02 August 2019 18:00 Go to next message
Tore Van Grembergen is currently offline Tore Van GrembergenFriend
Messages: 19
Registered: July 2014
Location: Bassevelde
Junior Member
I have a tablefield created with string column that is configured to show HTML.
The purpose of this approach is to show an image in the column of the table..

public class BarcodeImageURLColumn extends AbstractStringColumn {
	@Override
	protected String getConfiguredHeaderText() {
		return TEXTS.get("Barcode");
	}

	@Override
	protected int getConfiguredWidth() {
		return 100;
	}

	@Override
	protected boolean getConfiguredHtmlEnabled() {
		// TODO Auto-generated method stub
		return true;
	}

}


the row data of that field is filled in as follows

voucherRow.setBarcodeImageURL(HTML.img(voucher.getBarcodeImageURL()).toHtml());


when looking in the HTML, the following code appears to be generated

<div class="table-cell white-space-nowrap halign-left first" style="min-width: 100px; max-width: 100px; "><img src="https://our.file.server/barcodes/voucher/0018/901/270/0018901270187.jpeg"></div>


So normally this should be OK to show the image in the respective column, however it is not shown.

if I copy the above url of the image in the browser, it is nicely shown.

Investigating further I noticed the following in the console log :

2019-08-02 16:48:06,676 WARN  [qtp660143728-17] org.eclipse.scout.rt.ui.html.csp.ContentSecurityPolicyReportHandler.handlePost(ContentSecurityPolicyReportHandler.java:74) - CSP-REPORT: {
  "csp-report": {
    "document-uri": "http:\/\/be0001c4439:8082\/?dl=outline-12600&i=customers",
    "referrer": "",
    "violated-directive": "img-src",
    "effective-directive": "img-src",
    "original-policy": "img-src 'self'; style-src 'self' 'unsafe-inline'; child-src *; default-src 'self'; report-uri csp-report; script-src 'self'; frame-src *",
    "disposition": "enforce",
    "blocked-uri": "https:\/\/rollbase.macintoshfashion.be.lan\/barcodes\/voucher\/0018\/901\/270\/0018901270187.jpeg",
    "status-code": 200,
    "script-sample": ""
  }


as per the documentation on the csp i tried the following in config.properties :

scout.cspDirective[img-src]=*


This should allow all images from external resources. However the error remains the same.

I also tried

scout.cspEnabled=false


Anybody an idea how this can be solved ?

Kind regards

Tore
Re: Image blocked from loading - CSP configuration parameters not taken into account ? [message #1810211 is a reply to message #1810195] Mon, 05 August 2019 05:50 Go to previous messageGo to next message
Patrick Baenziger is currently offline Patrick BaenzigerFriend
Messages: 96
Registered: September 2011
Member
Hi Tore

The scout.cspDirective is the correct property, but needs to be set in the UI-application part.
So, you'd need to add the property in the property files for the modules yourproject.ui.html.app.war and yourproject.ui.html.app.dev.

Did you place them there / does it work if you do?
Re: Image blocked from loading - CSP configuration parameters not taken into account ? [message #1810212 is a reply to message #1810211] Mon, 05 August 2019 06:51 Go to previous messageGo to next message
Tore Van Grembergen is currently offline Tore Van GrembergenFriend
Messages: 19
Registered: July 2014
Location: Bassevelde
Junior Member
Dear Patrick,

you guesed it correctly.
I added them wrongly on the server side and not on the UI side.
I now added them on the UI part and it works perfectly.

Thanks for the info.

Kind regards

Tore
Re: Image blocked from loading - CSP configuration parameters not taken into account ? [message #1861174 is a reply to message #1810195] Tue, 26 September 2023 06:35 Go to previous message
Oueslati Anis is currently offline Oueslati AnisFriend
Messages: 137
Registered: June 2014
Location: Paris
Senior Member
Hello,
I have the same issue, except that I placed the property
scout.cspDirective[img-src]=*
in the ui module and it does not work.
I have a multi module application

a core module containing the ui ( where I created the property )

and an other module that contain the implementation of the heat map.
it seems that the module containing the heat map does not recognise the properties of the core ui module properties

what to do in this case.
Kind regards
Previous Topic:Eclipse Scout 23.2 is out now!
Next Topic:Error when building separately the client module: missing artefact helloscout-root:pom
Goto Forum:
  


Current Time: Thu Dec 12 17:24:54 GMT 2024

Powered by FUDForum. Page generated in 0.03594 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top