[BUDI-6604] CSP blocking custom components use of Google Recaptcha #9679
Comments
|
|
|
I have the same issue, I wrote a custom component to embed a script in order to be able to add a comment box inside a side panel but the script gets blocked, custom components should be able to allow for external scripts to be loaded or at least should be possible to extend the CSP directive
|
shogunpurple
changed the title
shogunpurple
added
docker
bb-self-host
bb-plugins
and removed
docker
bb-self-host
labels
|
This issue has been automatically marked as stale because it has not had recent activity. |
|
I was going to test this one, however you do not have a release tied to the plugin repo. You'll need to add the release.yml, update the version number in the package.json, and then push up those changes. |
|
I never got a response, so I didn't post it to the plugins directory. For
this to work, the Nginx server has to be configured to allow the Google
Captcha code to come through. I could do it on my private instance, but
unless the change is made in the Cloud deployment, it won't work for those
users. Any standalone instances would also have to change their nginx
instance, which just seemed too much to ask a Budibase nocode developer to
do.
Here is my code if you want to take a look.
https://github.com/keith-ellis-sillek/budibase-recaptura-v2
Keith Ellis
***@***.***
410-903-4027
…On Wed, Dec 20, 2023 at 11:41 AM melohagan ***@***.***> wrote:
Hey @keith-ellis-sillek <https://github.com/keith-ellis-sillek>
I was going to test this one, however you do not have a release tied to
the plugin repo. You'll need to add the release.yml, update the version
number in the package.json, and then push up those changes.
E.g.
https://github.com/melohagan/budibase-datasource-appwrite-attributes-indexes/tree/main/.github/workflows
—
Reply to this email directly, view it on GitHub
<#9679 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AXKDKUUJ6NATMKSORWT3KXTYKMINJAVCNFSM6AAAAAAU24B3R6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNRUG44TSNRQGE>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
|
It does work on my instance as expected.
Keith Ellis
***@***.***
410-903-4027
…On Wed, Dec 20, 2023 at 11:41 AM melohagan ***@***.***> wrote:
Hey @keith-ellis-sillek <https://github.com/keith-ellis-sillek>
I was going to test this one, however you do not have a release tied to
the plugin repo. You'll need to add the release.yml, update the version
number in the package.json, and then push up those changes.
E.g.
https://github.com/melohagan/budibase-datasource-appwrite-attributes-indexes/tree/main/.github/workflows
—
Reply to this email directly, view it on GitHub
<#9679 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AXKDKUUJ6NATMKSORWT3KXTYKMINJAVCNFSM6AAAAAAU24B3R6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNRUG44TSNRQGE>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
|
I'd love ann update on this. I'm looking to host a public form and want some bot protection... |
|
This issue has been automatically marked as stale as there has been no activity for 6 months. |
Uh oh!
There was an error while loading. Please reload this page.
Checklist
Hosting
Describe the bug
I created a custom component for Budibase here - https://github.com/keith-ellis-sillek/budibase-recaptura-v2
It works beautifully in development on localhost. However, when I deploy, it fails CSP for https://www.google.com/recaptcha/api.js I understand that you don't want to add just anyone's libraries, but could you add google's?
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Like it to render?!
Screenshots
On a plane, but will try to post when I land
App Export
If possible - please attach an export of your budibase application for debugging/reproduction purposes.
Desktop (please complete the following information):
Additional context
BUDI-6604
The text was updated successfully, but these errors were encountered: