YunoHost-Apps/shellinabox_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/shellinabox_ynh.git synced 2024-09-03 20:26:12 +02:00
Code Issues Activity Actions

Allow eval

Browse source 
The blank page, instead of a login prompt, is linked to this error: `Content Security Policy: The page’s settings blocked the loading of a resource at self (“script-src https: 'unsafe-eval'”)`
Maybe it's something about [this line](d4bd77ca45/shellinabox/shell_in_a_box.jspp (L200))

The only way I found to fix that is to allow to use eval.
This commit is contained in:
Maniack Crudelis 2018-03-08 00:17:00 +01:00 committed by GitHub
parent 347a733d01
commit 583328ef11
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
conf/nginx.conf
View file

@ -10,6 +10,9 @@ location __PATH__ {
tcp_nodelay on;
access_log off;
# Allow shellinabox to use 'eval' without blocking the execution. But keep a warning.
add_header Content-Security-Policy-Report-Only "script-src https: 'unsafe-eval'";
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;
more_clear_input_headers 'Accept-Encoding';