security

Post about your customizations to share with others.

Moderators: Contributor, Developer

security

Postby ijn953 » Nov 05, 2017 7:56 am

Hello

I'm in the middle of migrating from old fedora and old mantis to new ubuntu and new mantis.
I have in my old mantis background colors but I can't see them in the new mantis,
the old mantis doesn't have CSP rolls, i think that it related.

but today I had noticed that when I tried to load the demo of mantis from the mantis site
i get the same problem

Refused to load the font 'data:font/woff;base64,d09GRgABAAAAAI3gABIAAAABRWQAAQABAAAAAAAAAAAAAAAAAAAAAAAAAABHUE9TAAABlAAACMoAABJKyujMg0dTVUIAAApgAAAAUwAAAHCOOI56T1MvMgAACrQAAABcAAAAYNk4qA5jbWFwAAALEAAAAIEAAAC0jBiQAGN2dCAAAAuUAAAAGgAAABoA7AimZnBnbQAAC7AAAAECAAABcwZZnDdnYXNwAAAMtAAAAAwAAAAMACIAGGdseWYAAAzAAABSygAAubBheDH9aGRteAAAX4wAAAoHAAAUKE4Jg9doZWFkAABplAAAADYAAAA2/E/x4WhoZWEAAGnMAAAAHwAAACQPaQc8aG10eAAAaewAAAIMAAADbmB1YDdrZXJuAABr+AAAHTYAAFcYYDRhP2xvY2EAAIkwAAABvgAAAb6LJGLGbWF4cAAAivAAAAAgAAAAIAL2BApuYW1lAACLEAAAANMAAAF4HEI4H3Bvc...VQUSWVVVFVNdXVUFMttdVRVz31NdBQI4010VQzzbXQUiuttdFWO+11CAmz1iSTHbfEC1PMMdNym60LCTfDYxMt9Mlnsy01zVnPfbTCFl998c0a21120Q4ddTJPZ1d1cckVN11z3Q0vdXXHLbft1M0H89131z3dvfbWdD310EsfvfW1Sj8D9DfQIEMMNtQwrww30gijjDHaIauNM9Z4E7zxzhEP7LLbQ888ssdeBxx0zj77nTfVCScdC4nw3imnQyJDokKiQ2JCYkMC4XWb1K4dNaRvj2CwQvCfK4dX+bnSonyu9KLEslS95MTiVN6UzNSi1OLMYjCPKzG5tAQiwZ+cWZRcmpuWk1oB5nMWZealQxSVZOakQBQBAC/zgrd4AdvBwKDNsIuBkYGJgUmbcRcDM4SxH8goYYhn8GIwZVBgYGDg0N7PwMIwnaGGIYHBlUELLMKwH6htK8MUhmKGIAYjqCImVEUgs1mBOtm1gRYpuNZmSrgAALqcEVgAAAA=' because it violates the following Content Security Policy directive: "font-src fonts.gstatic.com maxcdn.bootstrapcdn.com".

so maybe it's not my mantis
can you help
thanks
ijn953
 
Posts: 8
Joined: Oct 15, 2017 9:24 am

Re: security

Postby atrol » Nov 05, 2017 8:11 am

ijn953 wrote:when I tried to load the demo of mantis from the mantis site
What do you mean with demo? https://www.mantisbt.org/bugs ?

Which version of which browser on which operating system do you use?

Is there something between your browser and the site, e.g. proxy, web cache, firewall ...?

Did you install any browser plugin?
Please use Search before posting and read the Manual
Use Mantis2Go to try MantisBT on Windows or to reproduce issues
atrol
Site Admin
 
Posts: 6714
Joined: Mar 26, 2008 4:37 pm
Location: Germany

Re: security

Postby ijn953 » Nov 05, 2017 10:04 am

What do you mean with demo? https://www.mantisbt.org/bugs ? yes this one
i had checked it on chrome Version 61.0.3163.100 (Official Build) (64-bit)
firefox 56.0.2 (64-bit) and Microsoft Edge 41.16299.15.0
i have windows 10 pro 64 bit and i have vm server with latest mantis ubunto and lamp
i have some plugins for inspecting csp
i have my office firewall forinet d100
i have eset antivirus
and defender firewall
ijn953
 
Posts: 8
Joined: Oct 15, 2017 9:24 am

Re: security

Postby atrol » Nov 05, 2017 10:26 am

Please use Search before posting and read the Manual
Use Mantis2Go to try MantisBT on Windows or to reproduce issues
atrol
Site Admin
 
Posts: 6714
Joined: Mar 26, 2008 4:37 pm
Location: Germany

Re: security

Postby atrol » Nov 05, 2017 10:30 am

I don't see any problem when visiting https://www.mantisbt.org/bugs with Chrome 62.0.3202.75.
Do you get the problem when using a fresh install of this Chrome version?
Please use Search before posting and read the Manual
Use Mantis2Go to try MantisBT on Windows or to reproduce issues
atrol
Site Admin
 
Posts: 6714
Joined: Mar 26, 2008 4:37 pm
Location: Germany


Return to Customizations

Who is online

Users browsing this forum: Google [Bot] and 6 guests