I have posted the detail question on Stack Overflow: discourse email activation no longer works due to Content Security Policy violation - Stack Overflow I boostrapped discourse using my custom app.yml which uses the cloudflare template like so: templates: - "templates/postgres.template.yml" -…

This is a bit embarrassing - but I have found out why this was. Once everything was working without cloudflare, I added the nginx pagespeed module to my nginx config (pagespeed on;) This was the reason for this error :frowning: I found this out browsing through the console within DevTools. I apol…

External nginx pagespeed module causes Security Policy violation

Installation

Falco (Falco) June 27, 2019, 3:24pm 12

That’s a bad idea in this day and age:

2 Likes

Topic		Replies	Views
Keyboard and mouse stopped working + content-security-policy error Installation nginx	7	433	November 6, 2023
Mitigate XSS Attacks with Content Security Policy Site Management how-to , content-security-policy	32	23978	June 13, 2023
Refused to load the script 'xxxx.com/cdn-cgi/speculation' because it violates the following Content Security Policy directive Support content-security-policy	4	8005	September 22, 2024
Fresh Discourse install on digitalocean, cannot activate account Installation	15	1428	January 21, 2019
After upgrade the content security policy script src for GTM Data & reporting	4	1843	April 13, 2021

External nginx pagespeed module causes Security Policy violation

Related topics