N
Nuxtβ€’3mo ago
Skruse

Fresh Nuxt3 installation throws Content Security Policy error

I have a fresh nuxt3 installation, nothing modified. But when i run "yarn run dev" on server and open the site in browser i got some errors: Refused to load the script '../nuxt/dist/app/entry.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. I then add the "nuxt-security" module, configure it but this doesnt work as well. Could maybe someone give me a hint how to configure csp for nuxt3? Or why this isnt working out of the box? PS: When i run yarn run dev on local machine i can open the site without errors. But if i depoloy it on the server and run there the command, view the page in browser there are the errors. Thanks for helping
7 Replies
Skruse
SkruseOPβ€’3mo ago
no ideas? I couldnt believe that i am the only one with this problem. πŸ™‚
Zeeeth
Zeeethβ€’3mo ago
I think since it's in server environment it is a bit hard for anyone to be able to help since a reproduction wont be possible. Could you provide some more information about the deployment process? Maybe a step by step how you deploy it, start it and so on. What server environment? What provider?
Skruse
SkruseOPβ€’3mo ago
Thanks for reply. I understand that its a little bit tricky to find out where the issue is. I have my own server by 1&1 / Ionos. I have node and apache running there. I have domains pointing to the server and have a proxy servervhost conf for the nuxt app. For testing i try to install a fresh nuxt project on my server. Nothing modified or added from my site. After "yarn install" i run "yarn run dev". And then i look in the frontend and there are appears csp errors in the browser console. You see, there is nothing special in my config.
Zeeeth
Zeeethβ€’3mo ago
Hi! first thing to check, you shouldn't run in dev on server
manniL
manniLβ€’3mo ago
you shouldn't deploy the dev mode in production πŸ™ˆ
Zeeeth
Zeeethβ€’3mo ago
take a look at the deployment docs, that should solve your issues. dev is only for local environment https://nuxt.com/docs/getting-started/deployment
Nuxt
Deployment Β· Get Started with Nuxt
Learn how to deploy your Nuxt application to any hosting provider.
Skruse
SkruseOPβ€’3mo ago
Yeah, Thanks for helping. The dev mode was for testing purposes. I had the csp Problems in dev and prod mode. But the Problem was the headers from Apache. I unset the csp headers and then it works. So i trink i have to Look deeper there. But thank you very much.
Want results from more Discord servers?
Add your server