Continuing my issues after enabling a CDN and moving my site assets and uploads to S3 compatible storage, I noticed that the
/admin/upgrade page doesn’t load because
MY_CDN/assets/docker-manager-app-07d06764ce8970a55a9e89aa092994a1691d4d67ece07e1dfd191354ff526af3.js (and a few other files) is loaded from the main site CDN, but that isn’t included in CSP by default.
So I had to add:
MY_CDN/assets/ to the " content security policy script src" setting in discourse. Even though the option says “The current host and CDN are included by default” But after adding that manual entry the upgrade page is no longer blank. So it seems that the default list of stuff to put in the CSP doesn’t cover everything.
This is with discourse version 2.6.0.beta1( 232d277833 )