View Issue Details

IDProjectCategoryView StatusLast Update
0021653mantisbtreportspublic2016-10-02 18:41
Reporteratrol Assigned Tovboctor  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Product Version2.0.0-beta.2 
Target Version2.0.0-beta.3Fixed in Version2.0.0-beta.3 
Summary0021653: Graphs broken
Description

Graphs are no longer displayed due to CSP violations.
Regression, worked in 2.0.0-beta.1.

TagsNo tags attached.

Relationships

related to 0021650 closedvboctor Content-Security-Policy is disabled in 2.0.0-beta.1 

Activities

dregad

dregad

2016-08-29 07:18

developer   ~0053905

Likely caused by invalid CSP source directive, see my note on commit MantisBT master 133c109f

https://github.com/mantisbt/mantisbt/commit/133c109fd8ff26c44c3d617ec6171c075b486782#commitcomment-18810549

vboctor

vboctor

2016-09-05 23:54

manager   ~0053953

The charts are not rendering because the charts pages uses inline script and that is not white listed. There is also no current way to white list such pages.

vboctor

vboctor

2016-09-06 00:09

manager   ~0053954

PR: https://github.com/mantisbt/mantisbt/pull/881

Related Changesets

MantisBT: master bad2c14c

2016-09-19 22:43

vboctor

Committer: GitHub


Details Diff
Fix CSP errors in MantisGraph plugin (0000881)

Fixes 0021653
Affected Issues
0021653
mod - plugins/MantisGraph/MantisGraph.php Diff File