You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am using NGINX to deploy Keycloak as an authentication center. When Content Security Policy (CSP) is not set, the login works fine. However, when CSP is configured, I encounter the following error:
auth:1 Refused to send form data to 'https://fuse.xxx.com/auth/realms/master/login-actions/authenticate?session_code=Fjggb8SFpX6uaCkMbePyAt-asMwau0NvWnr3cWYEcLA&execution=a5833fb9-308a-4f1b-a12b-12b84594547d&client_id=fuse.mobile.client&tab_id=8VYUmyB6zIA' because it violates the following Content Security Policy directive: "form-action 'self' https://*.xxx.com https://localhost:5173".
I suspect this issue might be related to the redirectUrl. The URI schema might be interpreted as a URL, causing the CSP check to fail. How should I resolve this? The authentication center itself is fine, as other web applications do not experience this issue.
The text was updated successfully, but these errors were encountered:
Hello,
I am using NGINX to deploy Keycloak as an authentication center. When Content Security Policy (CSP) is not set, the login works fine. However, when CSP is configured, I encounter the following error:
auth:1 Refused to send form data to 'https://fuse.xxx.com/auth/realms/master/login-actions/authenticate?session_code=Fjggb8SFpX6uaCkMbePyAt-asMwau0NvWnr3cWYEcLA&execution=a5833fb9-308a-4f1b-a12b-12b84594547d&client_id=fuse.mobile.client&tab_id=8VYUmyB6zIA' because it violates the following Content Security Policy directive: "form-action 'self' https://*.xxx.com https://localhost:5173".
I suspect this issue might be related to the redirectUrl. The URI schema might be interpreted as a URL, causing the CSP check to fail. How should I resolve this? The authentication center itself is fine, as other web applications do not experience this issue.
The text was updated successfully, but these errors were encountered: