Security Policy directive on logo | Maybe env/build error?
I set up zitadel through the official helm-chart. After some starting issues I got it working. Now i wanted to customize our organization. I wanted to add a custom logo to the web-login.
- added origin to console app "https://zitadel.172.17.0.1.nip.io:4443"
- added the logo to the organisation login
- opened a new window (incognito or normal) and it doesn't load the logo
then I wen to the docker-compose to have a look at the local docker-compose setup
Here comes the same issue:
The issue may come from this:
https://github.com/zitadel/zitadel/blob/d7e9eddb7650282c4df53f5e196ce05ec897567c/apps/login/constants/csp.js#L1-L6
In the docker-compose and in the k8s container is the
Is this a problem of env propagation and it can't be changed during runtime? Or is this a configuration issue?
- added origin to console app "https://zitadel.172.17.0.1.nip.io:4443"
- added the logo to the organisation login
- opened a new window (incognito or normal) and it doesn't load the logo
then I wen to the docker-compose to have a look at the local docker-compose setup
Here comes the same issue:
http://localhost:8080/assets/v1/346067768807849987/policy/label/logo-dark-346067955169099779' violates the following Content Security Policy directive: "img-src 'self' https://localhost". The action has been blocked.The issue may come from this:
https://github.com/zitadel/zitadel/blob/d7e9eddb7650282c4df53f5e196ce05ec897567c/apps/login/constants/csp.js#L1-L6
In the docker-compose and in the k8s container is the
ZITADEL_API_URL set, but it still says only localhost is allowed.Is this a problem of env propagation and it can't be changed during runtime? Or is this a configuration issue?
GitHub
ZITADEL - Identity infrastructure, simplified forΒ you. - zitadel/zitadel
