View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0021165 | mantisbt | ui | public | 2016-06-27 10:53 | 2016-07-09 19:28 |
Reporter | atrol | Assigned To | vboctor | ||
Priority | normal | Severity | major | Reproducibility | have not tried |
Status | closed | Resolution | fixed | ||
Product Version | 1.3.0-rc.2 | ||||
Target Version | 1.3.0 | Fixed in Version | 1.3.0 | ||
Summary | 0021165: Using database configuration to enable gravatars does not work | ||||
Description | The CSP header looks like the following line if show_avatar is enabled in database using adm_config_report.php: content-security-policy:"default-src 'self'; frame-ancestors 'none'; style-src 'self'; script-src 'self'" In FF you will see no avatar images because of this. Using Edge shows broken avatar images. (see screen shot) Enabling gravatars using config_inc.php works as the CSP header looks like content-security-policy:"img-src 'self' http://www.gravatar.com/" I had a short look at the code. One problem seems to be that config_get and config_get_global are used to get the show_avatar setting. The first question is: Should we go on to allow gravatar configuration in database? | ||||
Tags | No tags attached. | ||||
Attached Files | |||||
MantisBT: master-1.3.x d9ea9992 2016-06-29 19:55 Details Diff |
show_avatar config in db doesn't work Fixes 0021165 |
Affected Issues 0021165 |
|
mod - plugins/Gravatar/Gravatar.php | Diff File | ||
MantisBT: master 1ee1fa6b 2016-06-29 19:55 Details Diff |
show_avatar config in db doesn't work Fixes 0021165 |
Affected Issues 0021165 |
|
mod - plugins/Gravatar/Gravatar.php | Diff File |