Admin upgrade page doesn't load with a CDN

Boost · August 8, 2020, 6:09pm

Continuing my issues after enabling a CDN and moving my site assets and uploads to S3 compatible storage, I noticed that the /admin/upgrade page doesn’t load because MY_CDN/assets/docker-manager-app-07d06764ce8970a55a9e89aa092994a1691d4d67ece07e1dfd191354ff526af3.js (and a few other files) is loaded from the main site CDN, but that isn’t included in CSP by default.

So I had to add: MY_CDN/assets/ to the " content security policy script src" setting in discourse. Even though the option says “The current host and CDN are included by default” But after adding that manual entry the upgrade page is no longer blank. So it seems that the default list of stuff to put in the CSP doesn’t cover everything.

This is with discourse version 2.6.0.beta1( 232d277833 )

RGJ · August 8, 2020, 7:13pm

How did you configure your CDN?

Boost · August 8, 2020, 7:25pm

My environment variables in app.yml:

In addition I have the assets upload hook from: Using Object Storage for Uploads (S3 & Clones)

pmusaraj · November 4, 2020, 5:31pm

This should be fixed now, more details in Totally blank upgrades page

pmusaraj · November 5, 2020, 11:00pm

This topic was automatically closed after 29 hours. New replies are no longer allowed.

Topic		Replies	Views
Admin upgrade page does not exist support	27	1815	July 9, 2020
Custom emoji don't use CDN for S3 stored assets in a few pages support	8	1911	September 5, 2020
Totally blank upgrades page bug	20	1614	November 4, 2020
DISCOURSE_CDN_URL causes content security policy violations? installation cdn	4	1585	February 6, 2020
After upgrade, unable to go in discourse support	9	328	February 14, 2024

Admin upgrade page doesn't load with a CDN

Related Topics