Captcha don't show anymore in selfService login page
Brought to you by:
gruberroland
Hello,
In the selfService login page, the Captcha don't show anymore.
Web Browsers complain about "Content-Security-Policy".
I've had a look to file : lib/security.inc
Replacing line #690 :
header('Content-Security-Policy: frame-ancestors \'self\'; form-action \'self\'; base-uri \'none\'; object-src \'none\'; frame-src \'self\' https://*.duosecurity.com; worker-src \'self\'');
With a line from previous version (6.6) :
header('Content-Security-Policy: frame-ancestors \'self\'');
Make the Captcha works again ...
Best regards,
C.PIERRE
Thanks a lot for the report and for the detailled error description. It will be solved in next release. Here is the fix:
https://github.com/LDAPAccountManager/lam/commit/07f5ae2d7a68e38db878894c51faf5f431b3ca99