Comments (7)
Going to the provided url doesn't show Superset at all:
That said, whatever rocket-loader
is, it's being blocked by Superset's CSP. You can add that domain to your TALISMAN_CONFIG
configuration in config.py
from superset.
@rusackas - Sorry for the incomplete details that I provided earlier, also I have tried to change the TALISMAN_CONFIG
in my config.py
superset1.greyb.com is hosted on my internal network and it's not public yet, I have also confirmed and there is no blocking or any kind of issue from our end.
Here is my TALISMAN_CONFIG
for both production and development mode.
TALISMAN_CONFIG = {
'contentSecurityPolicy': False,
"content_security_policy": {
"default-src": ["'self'","https://superset1.greyb.com"],
"img-src": ["'self'", "data:","https://superset1.greyb.com"],
"worker-src": ["'self'", "blob:","https://superset1.greyb.com"],
"connect-src": [
"'self'",
"https://api.mapbox.com",
"https://events.mapbox.com",
"https://superset1.greyb.com",
],
"object-src": "'none'",
"style-src": ["'self'", "'unsafe-inline'","'https://superset1.greyb.com'","https://superset1.greyb.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js"],
"script-src": ["'self'", "'unsafe-inline'","'unsafe-eval'","'https://superset1.greyb.com'"],
},
"content_security_policy_nonce_in": ["script-src"],
"force_https":False,
}
I have tried many things and option related to this but none of them is working. and whenever I'm accessing with my IP its working fine as shown below.
from superset.
@rusackas - I have a request, do not close this until I get a solution from your side, and we're very curious to know the possible solution from your side.
As I have mentioned the configuration above, I just wanted to share I have tried many permutation combinations to resolve this issue but I failed.
Thanks!!!
from superset.
It looks like you have some weird double quoting in your config there, e.g. "'https://superset1.greyb.com'"
should be "https://superset1.greyb.com"
. From the error you posted, it also seems that it's trying to do a GET to static.cloudflareinsights.com
so you'll want to punch a hole for that too.
This doesn't seem like a bug with Superset, but rather a config issue... if you want to keep it open, I can move it to a GitHub discussion in the Q&A section.
from superset.
@rusackas - Tried with this config as well getting same error.
TALISMAN_CONFIG = {
'contentSecurityPolicy': False,
"content_security_policy": {
"default-src": ["'self'","https://superset1.greyb.com"],
"img-src": ["'self'", "data:","https://superset1.greyb.com"],
"worker-src": ["'self'", "blob:","https://superset1.greyb.com"],
"connect-src": [
"'self'",
"https://api.mapbox.com",
"https://events.mapbox.com",
"https://superset1.greyb.com",
],
"object-src": "'none'",
"style-src": ["'self'", "'unsafe-inline'","https://superset1.greyb.com"],
"script-src": ["'self'", "'unsafe-inline'","'unsafe-eval'","https://superset1.greyb.com"],
},
"content_security_policy_nonce_in": ["script-src"],
"force_https":False,
}
As I have also mentioned tried a few alternative and a combination as well
from superset.
Do you have any suggestions to resolve this issue? because I also tried to do some changes in superset_config.py but didn't work.
from superset.
Well, there might be a few problems:
- You have both
contentSecurityPolicy
andcontent_security_policy
in there. Get rid ofcontentSecurityPolicy
- It still doesn't look like you've allowed
https://static.cloudflareinsights.com
- Are you running in dev or prod mode? Note that there are two configs... TALISMAN_CONFIG and TALISMAN_DEV_CONFIG, so you should be using the right one.
from superset.
Related Issues (20)
- Unexpected Error on SQL Lab HOT 3
- Bar chart - Impossible to maintain consistent bar width with sparse data HOT 2
- Table does not adjust `Show Totals` calculation when typing to search for values via the Search Bar HOT 1
- Getting message "Access is Denied" On Superset login page and logout page HOT 1
- superset_text.yml not loading the PREFERRED_DATABASES icons HOT 1
- Superset 3.0.0 is showing up " PrestoDBSQLValidator was unable to check your query." if HOT 10
- Cannot load filter Error: ORA-00979: not a GROUP BY expression HOT 21
- Humanize not localised HOT 5
- Installation from PyPi, superset db upgrade fails HOT 8
- Superset Guest Token Endpoint Only is not Working My URL - ( https://superset.mysite.com/api/v1/security/guest_token ) HOT 3
- Remove `can csv upload`, `can excel upload`, `can columnar upload` in favour of just `can upload on Database`
- Slack API `files.upload` v1 deprecation HOT 6
- [SIP-130] Migrating from Mapbox to MapLibre
- MSSQL - ERROR: Could not load database driver: MssqlEngineSpec HOT 5
- superset-frontend proxy is not working when superset backend decides to use zstd encoding HOT 9
- "Can't contact LDAP server HOT 1
- SQL Lab hard fails with "'utf-8' codec can't decode byte 0xe6 in position 0: invalid continuation byte" when reading certain binary types HOT 4
- Installing error HOT 14
- [SIP-131] Superset Security Model Redesign HOT 5
- Superset ALERT & REPORTS not working HOT 11
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from superset.