console icon indicating copy to clipboard operation
console copied to clipboard
verified publisher icon minio

Login bug

Open japlic opened this issue 1 year ago • 7 comments

NOTE

If this case is urgent, please subscribe to Subnet so that our 24/7 support team may help you faster.

Expected Behavior'

logging in

Current Behavior

Failed to load resource: the server responded with a status of 403 (Forbidden) jsx-runtime.js:4 Refused to connect to 'https://unpkg.com/[email protected]/dist/benchmarks/d-intel.json' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-inline'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

(anonymous) @ jsx-runtime.js:4 Show 1 more frame Show less jsx-runtime.js:4 Refused to connect to 'https://unpkg.com/[email protected]/dist/benchmarks/d-intel.json' because it violates the document's Content Security Policy. (anonymous) @ jsx-runtime.js:4 Show 1 more frame Show less api/v1/login:1

   Failed to load resource: the server responded with a status of 401 (Unauthorized)

Possible Solution

Context

logging in into the webapp

idk

Regression

Your Environment

  • Version used (minio --version):
  • minio version RELEASE.2024-05-10T01-41-38Z (commit-id=b5984027386ec1e55c504d27f42ef40a189cdb55) Runtime: go1.22.3 linux/amd64 License: GNU AGPLv3 - https://www.gnu.org/licenses/agpl-3.0.html Copyright: 2015-2024 MinIO, Inc.
  • Server setup and configuration: Linux idk 5.4.0-176-generic minio/minio#196-Ubuntu SMP Fri Mar 22 16:46:39 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux

japlic avatar May 20 '24 00:05 japlic

could you capture mc admin trace -v -a --funcname "sts.*" <ALIAS>

is there any loadbalancer/proxy setup ?

prakashsvmx avatar May 20 '24 09:05 prakashsvmx

this is a dependency that is being blocked by the CSP policies, we are going to check it

pjuarezd avatar May 20 '24 16:05 pjuarezd

ummm its not mc

japlic avatar May 20 '24 20:05 japlic

ok

japlic avatar May 20 '24 20:05 japlic

Is there away to fix it

japlic avatar May 20 '24 22:05 japlic

You can fix the Content Security Policy (see Mozilla docs for more info about CSP) by trusting the host https://unpkg.com, this can be done with mc`

mc admin config set ALIAS browser csp_policy="default-src 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self' https://unpkg.com"

Don't forget to restart the service after the config change

mc admin service restart ALIAS

pjuarezd avatar May 20 '24 23:05 pjuarezd

could you capture mc admin trace -v -a --funcname "sts.*" <ALIAS>

is there any loadbalancer/proxy setup ?

@japlic please provide this info @prakashsvmx is asking for, the CSP is not the reason you cannot login

pjuarezd avatar May 21 '24 05:05 pjuarezd

Closing due to innactivity, please feel free to open a new one if the issue persists providing the requested information.

cesnietor avatar Jun 03 '24 16:06 cesnietor