Login page does not load after v5.4.1 update

[tcpserverpro]

I updated to 5.4.1 now the login page no longer works.

I use 2fauth on Tipi.

Refused to load the script '' because it violates the following Content Security Policy directive: "script-src 'nonce-8fMocwbEY2jmPzLMgQpMWtI4JWaqYDS5ZnvLNmoO'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Understand this errorAI
app-D4Udf6Mm.js:2 Refused to load the script 'https://seguro.tcpserver.com.br/build/assets/Accounts-DNDVqAqR.js' because it violates the following Content Security Policy directive: "script-src 'nonce-8fMocwbEY2jmPzLMgQpMWtI4JWaqYDS5ZnvLNmoO'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

(anonymous) @ app-D4Udf6Mm.js:2Understand this errorAI
app-D4Udf6Mm.js:2 Refused to load the script 'https://seguro.tcpserver.com.br/build/assets/OtpDisplay-D2QMFFL_.js' because it violates the following Content Security Policy directive: "script-src 'nonce-8fMocwbEY2jmPzLMgQpMWtI4JWaqYDS5ZnvLNmoO'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

(anonymous) @ app-D4Udf6Mm.js:2Understand this errorAI
app-D4Udf6Mm.js:2 Refused to load the script 'https://seguro.tcpserver.com.br/build/assets/Spinner-DHClvaFf.js' because it violates the following Content Security Policy directive: "script-src 'nonce-8fMocwbEY2jmPzLMgQpMWtI4JWaqYDS5ZnvLNmoO'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

(anonymous) @ app-D4Udf6Mm.js:2Understand this errorAI
app-D4Udf6Mm.js:2 Refused to load the script 'https://seguro.tcpserver.com.br/build/assets/SearchBox-B-38rGG5.js' because it violates the following Content Security Policy directive: "script-src 'nonce-8fMocwbEY2jmPzLMgQpMWtI4JWaqYDS5ZnvLNmoO'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

(anonymous) @ app-D4Udf6Mm.js:2Understand this errorAI
app-D4Udf6Mm.js:2 Refused to load the script 'https://seguro.tcpserver.com.br/build/assets/bus-RVphoWuw.js' because it violates the following Content Security Policy directive: "script-src 'nonce-8fMocwbEY2jmPzLMgQpMWtI4JWaqYDS5ZnvLNmoO'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

(anonymous) @ app-D4Udf6Mm.js:2Understand this errorAI
app-D4Udf6Mm.js:22 TypeError: Failed to fetch dynamically imported module: https://seguro.tcpserver.com.br/build/assets/Accounts-DNDVqAqR.js

[Bubka]

Hi,

This is due to the new CSP feature enabled in this release. As a quick fix, please set CONTENT_SECURITY_POLICY=false in your environment variable to disable CSP, the app should be back.

I'm going to investigate.

[ryosoftware]

Hi,

This is due to the new CSP feature enabled in this release. As a quick fix, please set CONTENT_SECURITY_POLICY=false in your environment variable to disable CSP, the app should be back.

I'm going to investigate.

I confirm is working now

[Fclem]

I'm having the same issue with CSP (disabling CSP does mitigate the issue).

However this issue only affect chromium-based browsers, and does not affect Firefox.

[Bubka]

However this issue only affect chromium-based browsers, and does not affect Firefox

Thanks for the head up

[wisameldin]

I'm having the same issue with CSP (disabling CSP does mitigate the issue). However this issue only affect chromium-based browsers, and does not affect Firefox.

I'm guessing not all I had the same issue and tried the initial quick fix that worked but before I applied it I tried in different browsers including Firefox and it didn't load Not sure what setting is different on your end than on my end (note I tried it on firefox on an iphone)

[tcpserverpro]

They released a new update.

I just updated and everything works fine again.

[EmberHeartshine]

(note I tried it on firefox on an iphone)

FWIW all browsers on iPhone are Safari with a skin.