-
-
Notifications
You must be signed in to change notification settings - Fork 3.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug]: Content-Security Policy blocks download of Knowledge files #2418
Comments
Hey @raisindetre! Great to see you diving into another challenge. How's everything going on your end? To resolve the Here's how to update your CSP in the const ContentSecurityPolicy = {
"connect-src": [
"'self'",
// Other domains
"http://host.docker.internal:54321", // Add this line
],
// ... other directives ...
}; After adding this domain, the CSP will permit connections to Let me know if this solution works for you or if further assistance is needed. Sources
|
Yes - as a hack I got things working by changing
Add
Log out, and back into Quivr UI. If getting UI error notifications and no content displayed. Stop and restart the whole quivr container in Docker. Other values for
So setting |
What happened?
Trying to download files uploaded to a brain's knowledge resullts in a
blocked:csp
error in the browser preventing download. Disabling CSP in the browser enables the download to complete. The request URL is tohttp://host.docker.internal:54321
but the CSP directive does not include this domain. It includeshttp://localhost:54321
which also fails with CSP enabled but completes with it off.Generation of the request is clearly ok, but the code writing the CSP directive needs to be more permissive.
Relevant log output
Twitter / LinkedIn details
No response
The text was updated successfully, but these errors were encountered: