Admin upgrade page doesn't load with a CDN

Boost · August 8, 2020, 6:09pm

Continuing my issues after enabling a CDN and moving my site assets and uploads to S3 compatible storage, I noticed that the /admin/upgrade page doesn’t load because MY_CDN/assets/docker-manager-app-07d06764ce8970a55a9e89aa092994a1691d4d67ece07e1dfd191354ff526af3.js (and a few other files) is loaded from the main site CDN, but that isn’t included in CSP by default.

So I had to add: MY_CDN/assets/ to the " content security policy script src" setting in discourse. Even though the option says “The current host and CDN are included by default” But after adding that manual entry the upgrade page is no longer blank. So it seems that the default list of stuff to put in the CSP doesn’t cover everything.

This is with discourse version 2.6.0.beta1( 232d277833 )

RGJ · August 8, 2020, 7:13pm

How did you configure your CDN?

Boost · August 8, 2020, 7:25pm

My environment variables in app.yml:

In addition I have the assets upload hook from: Configure an S3 compatible object storage provider for uploads

pmusaraj · November 4, 2020, 5:31pm

This should be fixed now, more details in Totally blank upgrades page

pmusaraj · November 5, 2020, 11:00pm

This topic was automatically closed after 29 hours. New replies are no longer allowed.

Topic		Replies	Views
Admin upgrade page does not exist Support	27	1985	July 9, 2020
Custom emoji don't use CDN for S3 stored assets in a few pages Support	8	2155	September 5, 2020
Totally blank upgrades page Bug	20	1772	November 4, 2020
DISCOURSE_CDN_URL causes content security policy violations? Installation cdn	4	1706	February 6, 2020
After upgrade, unable to go in discourse Support	9	496	February 14, 2024

Admin upgrade page doesn't load with a CDN

Related topics