Menu

#213 Captcha don't show anymore in selfService login page

v7.1
closed-fixed
5
2020-04-10
2020-04-10
No

Hello,
In the selfService login page, the Captcha don't show anymore.
Web Browsers complain about "Content-Security-Policy".
I've had a look to file : lib/security.inc
Replacing line #690 :
header('Content-Security-Policy: frame-ancestors \'self\'; form-action \'self\'; base-uri \'none\'; object-src \'none\'; frame-src \'self\' https://*.duosecurity.com; worker-src \'self\'');
With a line from previous version (6.6) :
header('Content-Security-Policy: frame-ancestors \'self\'');
Make the Captcha works again ...

Best regards,
C.PIERRE

Discussion

  • Roland Gruber

    Roland Gruber - 2020-04-10
    • status: open --> closed-fixed