Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Giveth Safe App is broken, ancestor violates Content Security Policy directive #4898

Closed
divine-comedian opened this issue Dec 11, 2024 · 2 comments
Closed

Giveth Safe App is broken, ancestor violates Content Security Policy directive #4898

divine-comedian opened this issue Dec 11, 2024 · 2 comments
Assignees
@kkatusic

Comments

@divine-comedian
Copy link
Contributor

Describe the bug

Cannot use Giveth Multisig App on Safe

produces error related to Refused to frame 'https://giveth.io/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'"

Issue was reported by user and I was able to reproduce it.

To Reproduce
Steps to reproduce the behavior:

  1. Go to a Safe you are a sign of on either Optimism, Mainnet, Arbitrum, Base, Polygon...
  2. Go to Safe Apps
  3. Open Give safe app
  4. See broken page error giveth.io refused to connect.

Expected behavior
When you try to connect to the Giveth Safe App it should load properly the giveth homepage inside the Safe App frame.

Screenshots
Screenshot from 2024-12-11 11-30-21

Desktop (please complete the following information):

  • OS: Ubuntu 24.04
  • Browser Brave
@github-project-automation github-project-automation bot moved this to New Issues in All-Devs Dec 11, 2024
@divine-comedian divine-comedian moved this from New Issues to Dev Research in All-Devs Dec 11, 2024
@kkatusic kkatusic moved this from Dev Research to In Progress in All-Devs Dec 11, 2024
@kkatusic kkatusic self-assigned this Dec 11, 2024
@kkatusic kkatusic mentioned this issue Dec 11, 2024
Merged
@kkatusic kkatusic moved this from In Progress to Code Review/PR in All-Devs Dec 11, 2024
@kkatusic kkatusic moved this from Code Review/PR to QA in All-Devs Dec 12, 2024
@geleeroyale
Copy link
Collaborator

Nice - our new headers work. We were hoping to catch any bugs in testing. @kkatusic was able to put together a quick PR to allow framing specifically for safe.

#4899

@divine-comedian
Copy link
Contributor Author

Hero! Tested on production and it appears to work, closing this one out

@github-project-automation github-project-automation bot moved this from QA to Done in All-Devs Dec 12, 2024
@divine-comedian divine-comedian moved this from Done to Merged to Production in All-Devs Jan 9, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kkatusic kkatusic

Labels
None yet
Projects
All-Devs
Status: Merged to Production
Milestone
No milestone
Development

No branches or pull requests
4 participants
@geleeroyale @kkatusic @divine-comedian and others