Uploaded image for project: 'ZABBIX FEATURE REQUESTS'
  1. ZABBIX FEATURE REQUESTS
  2. ZBXNEXT-6431

Support of content security policy for Inline JS scripts in UI

    XMLWordPrintable

Details

    • New Feature Request
    • Status: Closed
    • Medium
    • Resolution: Duplicate
    • 5.0.8rc1, 5.2.4rc1, 5.4.0alpha1
    • None
    • Frontend (F)
    • None

    Description

      After following these instructions to enable CSP:
      https://www.zabbix.com/documentation/current/manual/installation/requirements/best_practices#enabling_content_security_policy_csp_on_the_web_server

      Zabbix Dashboard page throws in Firefox dev console:
      Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). zabbix.php:21:1/

      Attachments

        Issue Links

          duplicates

          Change Request - An Change Request or enhancement Improvement to an existing feature or task. ZBXNEXT-3692 support for "Content Security Policy" HTTP header for zabbix frontend

          • Trivial - Cosmetic problem like misspelt words or misaligned text.
          • Closed

          Activity

            People

              vmurzins Valdis Murzins
              neogan Andrei Gushchin
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: