-
Notifications
You must be signed in to change notification settings - Fork 436
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CSP (Content Security Policy) blocking loading of unsafe-inline js #496
Comments
We don't use Turbolinks or have any CSP configured but when I get an better errors page it shows the message: "Better Errors can't run Javascript here, possibly because you have a Content Security Policy along with Turbolinks. But you can open the interactive console in a new tab/window." If I click the link for the interactive console it opens a page that is exactly the same as the first and without a console. I am using the master branch of better errors and chrome "Version 89.0.4350.4 (Official Build) dev (x86_64)". Frustrating to not be able to get a console like I am used to. Any help where to look for a solution? edit: I realized that if I wait long enough the console will appear, but it seems to take several minutes and then it will freeze up a lot. |
@joelcahalan sorry that you're running into problems with this. Keep in mind that this is a beta version. I suggest you upgrade to the latest release version (2.9.1) if you're not interested in troubleshooting this prerelease version. There's a discussion area for the beta release if you'd like to help me troubleshoot. |
Hi @RobinDaugherty , thank you for your quick response. Also, really sorry for my late response. I've tried using 2.10.0.beta1 and before this release, the right side was blank and now there's more information about the error. However, the link to the interactive console just opens up a tab with the same error page (duplicate). Also, the browser console still outputs CSP blocks > I don't believe we use turbolinks. (Our Rails version is 6.1.0 and ruby version is 2.7.1) |
Hi, we have csp configured and this blocks this gem from showing a live repl on the error page. The csp blocks unsafe-inline javascirpt, which is good for our app. However, this gem then doesn't work on error pages.
it's empty on the right side of the page.
The text was updated successfully, but these errors were encountered: