Textpattern CMS support forum
Demo sites: txp4.9dev (devdemo) inaccessible – CSP issue
A bunch of errors in the console:
Content Security Policy: The page's settings blocked the loading of a resource at inline ("script-src"). [textpattern:9:1](https://dev-demo.textpattern.co/dev/textpattern/)
Uncaught ReferenceError: textpattern is not defined
<anonymous> https://dev-demo.textpattern.co/dev/textpattern/textpattern.js:30
[textpattern.js:30:1](https://dev-demo.textpattern.co/dev/textpattern/textpattern.js)
Content Security Policy: The page's settings blocked the loading of a resource at inline ("script-src"). [textpattern:59:1](https://dev-demo.textpattern.co/dev/textpattern/)
Content Security Policy: The page's settings blocked the loading of a resource at data:image/svg+xml;charset=utf-8,%3Csvg … ("img-src").
Where is that emoji for a solar powered submarine when you need it ?
Sand space – admin theme for Textpattern
Offline
Re: Demo sites: txp4.9dev (devdemo) inaccessible – CSP issue
Seems to have been resolved.
From now on I will believe in gremlins and other fairy tales
Where is that emoji for a solar powered submarine when you need it ?
Sand space – admin theme for Textpattern
Offline
Re: Demo sites: txp4.9dev (devdemo) inaccessible – CSP issue
phiw13 wrote #330363:
Seems to have been resolved.
There’s ongoing work moving to a new server with PHP 8.0 and the upcoming PHP 8.1, I’ve reverted to the previous server for now until I can iron out some snags.
Edit: PS – thanks for the report.
Last edited by gaekwad (2021-06-06 13:26:18)
Offline
Re: Demo sites: txp4.9dev (devdemo) inaccessible – CSP issue
gaekwad wrote #330383:
[…] until I can iron out some snags.
Edit: PS – thanks for the report.
’K. Let us know if possible when you try again (or other “scheduled” downtime…). For whatever mysterious reason, I always seem to have a craving for accessing those demo sites right when you are busy with something or other.
Where is that emoji for a solar powered submarine when you need it ?
Sand space – admin theme for Textpattern
Offline
Re: Demo sites: txp4.9dev (devdemo) inaccessible – CSP issue
phiw13 wrote #330386:
Let us know if possible when you try again (or other “scheduled” downtime…).
Absolutely, and I was hoping it would be the usual blue-green deployment approach where I can flip a DNS switch and revert to another server. Sorry for the unexpected downtime, especially toward the end of the week.
For what it’s worth, the rationale behind the move is to test the waters on one of the new breed of AMD servers at DigitalOcean. There are some (anecdotal) differences between the older Intel fleet (current demo server) and these new AMD ones:
- higher memory usage
- more responsive (better) Nginx on the front-end
- software compile times have increased (worse)
I tend not to run servers in the red for very long, but the memory usage trigger on the new AMD servers is fired much more often than the Intel servers with equivalent software, which is puzzling when you consider the new AMDs should be “better” all round.
Last edited by gaekwad (2021-06-07 09:23:31)
Offline
Re: Demo sites: txp4.9dev (devdemo) inaccessible – CSP issue
gaekwad wrote #330387:
[…] There are some (anecdotal) differences between the older Intel fleet (current demo server) and these new AMD ones:
- higher memory usage
- more responsive (better) Nginx on the front-end
- software compile times have increased (worse)
I tend not to run servers in the red for very long, but the memory usage trigger on the new AMD servers is fired much more often than the Intel servers with equivalent software, which is puzzling when you consider the new AMDs should be “better” all round.
Bummer… That experience doesn’t sound very exciting. Hopefully it is some temporary snag in some low-level config.
Where is that emoji for a solar powered submarine when you need it ?
Sand space – admin theme for Textpattern
Offline
Re: Demo sites: txp4.9dev (devdemo) inaccessible – CSP issue
phiw13 wrote #330401:
Bummer… That experience doesn’t sound very exciting. Hopefully it is some temporary snag in some low-level config.
I think I’ve resolved it – the next 72 hours is the acid test, so far zero memory usage alerts, which is promising.
Offline
Re: Demo sites: txp4.9dev (devdemo) inaccessible – CSP issue
of dev-demo, CSP is again not happy, all icons appear missing (blocked). I supposed you are rebuilding something in the back-end?
No hurry…
Where is that emoji for a solar powered submarine when you need it ?
Sand space – admin theme for Textpattern
Offline
Re: Demo sites: txp4.9dev (devdemo) inaccessible – CSP issue
phiw13 wrote #330417:
I supposed you are rebuilding something in the back-end?
I wasn’t, but I’ll check. Deployed PHP 8.1.0 alpha 1 last night, that might be a factor. Give me 15 mins.
Offline
Re: Demo sites: txp4.9dev (devdemo) inaccessible – CSP issue
phiw13 wrote #330417:
CSP is again not happy, all icons appear missing (blocked).
I couldn’t reproduce what you were seeing in Tor (fresh browser, no cache) but I’ve added some config coding around the CSP stuff to hopefully make it go away.
I think this is down to nested Nginx location blocks and header handling – please try again when you have time and inclination.
Offline
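The nested location and header handling mentioned in the post above, as an added example that is not the demo server's configuration or code from anyone in this thread: Nginx inherits `add_header` directives from the enclosing level only when the current level declares none of its own, so a single extra header inside a location silently drops a Content-Security-Policy set higher up. The hostname, paths, socket, snippet file and policy value are constructed placeholders.

```nginx
# Constructed example: hostname, paths and the policy value are placeholders,
# not the demo server's real configuration.
server {
    listen 443 ssl;
    server_name demo.example;
    root /var/www/demo;
    ssl_certificate     /etc/ssl/demo.example/fullchain.pem;
    ssl_certificate_key /etc/ssl/demo.example/privkey.pem;

    # Declared once at server level.
    add_header Content-Security-Policy "default-src 'self'; img-src 'self' data:" always;
    add_header X-Content-Type-Options "nosniff" always;

    location / {
        # No add_header at this level: both server-level headers are inherited.
        try_files $uri $uri/ /index.php?$args;
    }

    location /textpattern/ {
        # PITFALL: one add_header here replaces the whole inherited set.
        # Responses from this block carry Cache-Control only, no CSP.
        add_header Cache-Control "no-store";

        location ~ \.php$ {
            # Nested block with no add_header of its own: it inherits from the
            # enclosing location, so it gets Cache-Control and still no CSP.
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_pass unix:/run/php/php-fpm.sock;   # assumed socket path
        }
    }

    location /assets/ {
        # FIX: wherever a level adds its own header, re-declare the full set.
        # The snippet is a hypothetical file holding the two server-level
        # add_header lines, so every block emits the same policy.
        include snippets/security-headers.conf;
        add_header Cache-Control "public, max-age=3600";
    }
}
```

Requesting one URL per location with `curl -I` and comparing the response headers shows which blocks have lost the policy.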
Re: Demo sites: txp4.9dev (devdemo) inaccessible – CSP issue
Now they are back, indeed. Weird thing, at first Firefox showed a certificate error, reloading made that go away.
(Firefox is set to forget everything, except that small set of bookmarks on quit)
Where is that emoji for a solar powered submarine when you need it ?
Sand space – admin theme for Textpattern
Offline
Re: Demo sites: txp4.9dev (devdemo) inaccessible – CSP issue
phiw13 wrote #330420:
Weird thing, at first Firefox showed a certificate error, reloading made that go away.
That’s expected. I hesitate to say ‘normal’, but it’s down to OCSP stapling handling within Nginx. It’s only Firefox (and derivatives) that throw that error, and it’s only if you’re the first person to load the site after the Nginx reload. The action of someone viewing the site warms up the OCSP cache on the server, and it’s smooth sailing after that.
I haven’t yet figured out a way to reliably preload the cache for the first visitor, even curl-ing the site to mimic a visitor doesn’t work as expected. It’s on my to-do list.
Offline
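The OCSP stapling warm-up described in the post above, as an added example that is not the demo server's configuration or code from anyone in this thread: it shows the default on-demand stapling settings beside Nginx's `ssl_stapling_file` directive, which serves a staple that already exists on disk when Nginx starts. The hostname, file paths and resolver address are constructed placeholders.

```nginx
# Constructed example: hostname, file paths and resolver address are placeholders.
server {
    listen 443 ssl;
    server_name demo.example;

    ssl_certificate         /etc/ssl/demo.example/fullchain.pem;
    ssl_certificate_key     /etc/ssl/demo.example/privkey.pem;

    ssl_stapling            on;
    ssl_stapling_verify     on;
    # Issuer chain used to verify the OCSP response before it is stapled.
    ssl_trusted_certificate /etc/ssl/demo.example/chain.pem;

    # Default behaviour: nginx queries the CA's OCSP responder itself, and
    # only after a handshake has triggered the request, so the first client
    # after a reload gets no staple. The resolver is needed to look up the
    # responder's hostname.
    resolver 127.0.0.53 valid=300s;   # assumed local resolver address
    resolver_timeout 5s;

    # Alternative: take the staple from a file instead of querying the
    # responder. The file is a DER-encoded OCSP response, in the format the
    # "openssl ocsp" command produces. nginx does not refresh this file; a
    # scheduled job has to regenerate it and reload nginx before the
    # response's nextUpdate time passes, or clients receive a stale staple.
    ssl_stapling_file /var/cache/nginx/ocsp/demo.example.der;
}
```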