Windows Rundeck not accessible from outside rdp over internet

[Suraj Reddy]

Hi,

I have my rundeck inside a windows RDP. It is working fine inside RDP BUT now when i am trying to access it from outside of RDP, it is causing the below error:

Refused to send form data to 'http://rundeck***.com/' because it violates the following Content Security Policy directive: "form-action 'self' data:".

Also in rundeck config properties file, following details are present:

dataSource.dbCreate = update

dataSource.url = jdbc:h2:file:C:/rundeck/server/data/grailsdb;MVCC=true

# Pre Auth mode settings

rundeck.security.authorization.preauthenticated.enabled=false

rundeck.security.authorization.preauthenticated.attributeName=REMOTE_USER_GROUPS

rundeck.security.authorization.preauthenticated.delimiter=,

# Header from which to obtain user name

rundeck.security.authorization.preauthenticated.userNameHeader=X-Forwarded-Uuid

# Header from which to obtain list of roles

rundeck.security.authorization.preauthenticated.userRolesHeader=X-Forwarded-Roles

# Redirect to upstream logout url

rundeck.security.authorization.preauthenticated.redirectLogout=false

rundeck.security.authorization.preauthenticated.redirectUrl=/oauth2/sign_in

rundeck.security.httpHeaders.enabled=true

rundeck.security.httpHeaders.provider.xcto.enabled=true

rundeck.security.httpHeaders.provider.xxssp.enabled=true

rundeck.security.httpHeaders.provider.xfo.enabled=true

rundeck.security.httpHeaders.provider.csp.enabled=true

rundeck.security.httpHeaders.provider.csp.config.policy=default-src 'none'; connect-src 'self' ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: ; img-src 'self' ; form-action 'self' data: ;

Please help me in resolving this issue.

Thanks in Advance,

Suraj

[rac...@rundeck.com]

Hi Suraj,

Pretty sure that you're facing this,  please take a look at this and this.

Hope  it helps!