Weird CSP issues with CDN enabled on Multisite

So this is a continuation of adventures from my previous report this morning, Which was fixed by adding the CDN link to CSP src. Since then, I’ve had all sorts of weird issues.
Now, everything seems to have settled down to these issues:

image1113×152 19.9 KB

What it seems like is that there are several CSP violations (strange) from the hostname itself. Now, The site is configured in a 2 Container Multisite environment with CDN deployed for assets and media. Files are being stored at DO Spaces (which part is working fine) and site assets are being loaded from CDN configured to pull from the main domain of multisite. everything seems to be loading fine even with CSP enabled but F12 reports some CSP violations (I had to configure it to disable CSP and enable CSP_Report)

The strange thing is that it was working fine till yesterday and something has probably changed in the last 24 hours regarding CSP which is causing this?

It is important to note that this CSP mumbo jumbo gets fixed if CDN is disabled for assets. Maybe there is something wrong about the way we’ve implemented the origin for CDN?

I’d appreciate some advice upon how to configure pull zone for a CDN in case of multisite.

So my original issue is mostly sorted as of now, Had to laboriously delete and reinstall the theme components and that seemingly has fixed the CSP issues on the main site but there are still issues relating to CSP and these are stopping docker manager from loading.

image890×155 6.28 KB

My understanding was that CDN links are automatically added to CSP source so I have performed rebuilds a few times at this point trying to disable/enable CDN links and still docker manager fails to load. However, I have other multisite installs which have CDN enabled but those load just fine? what could be tested here?

This commit seems to have fixed this problem.

https://github.com/discourse/docker_manager/commit/d0fff7cd6e1359609e6f1e0558854efdd32f3cc4

Thanks @Falco