Hi Team, when I am using amazon s3
Hi Team, when I am using amazon s3 bucket url in place of jsdeliver url for custom css and adding it in the cutomCSSUrl option while embedding the liveboard, the css changes are impacting in the ui. Also, I have added the amazon s3 domain in CSP visual embed hosts, CSP connect src domains and CORS whitelisted domains in the thoughtspot security settings.
Can anyone put some light on what can be done regarding this?
10 Replies
Do you see any errors in the console log? Or do you just not see the css in your app?
Check the network to see if you are getting a 403 for CSS. If yes, can we check what is giving a 403
Yeah I checked the network tab in that, I am not getting status code for the api call.
I have attached a video for your reference.
Instead, when I am using jsdeliver url, I am getting 200 status code for the api call.
Can you check the console logs during this time?
Hi @shikharTS
In the console, I found https://infoxd.dev.calix.com/css/style69.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'
This problem I am facing in Thoughtspot verison 8.8.1, I tried the same thing in 9.5.0 Thoughtspot version, it works fine. In 9.5.0 version, we have a separate section of CSP style-src domains to add in the security setting, unlike 8.8.1 version.
I see. Thats the issue. We would need to add the following URL to style-src. This can be done by the SRE team. We will connect with them and provide them the command so they can run it. Do you have a ticket open for this ?
Yes, I have a ticket raised for it - Case No. 00370446.
https://community.thoughtspot.com/s/case/500Uk00000DidClIAJ/is-the-s3-bucket-url-supported-when-we-put-it-in-customcssurl-option
I have messaged the SRE team with the command. They will reach out
Okay thanks.