Redirect refused

Cristina Ruscau

unread,

Mar 19, 2024, 9:59:54 AM3/19/24

to rundeck-discuss

Hello,

Thank you for the support so far, I managed to get passed login and configure it correctly, but I still have an issue that I could not overcome (docker image v 5.1.1).

When logging in successfully using ldap config, I do not get redirected to homepage, but I see in console I'm getting

Refused to send form data to 'http://{RUNDECK}/rundeck/j_security_check' because it violates the following Content Security Policy directive: "form-action 'self'".

I tried various options, grails url is set correctly, tried setting RUNDECK_SECURITY_HTTPHEADERS_PROVIDER_CSP_CONFIG_FORMACTION="self https://my-rundeck.domain" and multiple options from here https://github.com/rundeck/rundeck/issues/4417 but none of those seemed to fix my issue.

For now I disabled csp by setting this variable but I would like to avoid that if possible RUNDECK_SECURITY_HTTPHEADERS_PROVIDER_CSP_ENABLED="false"

I'm getting this when trying to run my image in cloud. I don't know if I can pass in headers from there (if necessary).

Any advice is appreciated.

Thank you,

Cristina Ruscau

rac...@rundeck.com

unread,

Mar 19, 2024, 12:15:27 PM3/19/24

to rundeck-discuss

Hi Cristina,

Did you test the RUNDECK_SERVER_FORWARDED="true" param like this?

Greetings.

Cristina Ruscau

unread,

Mar 19, 2024, 1:34:09 PM3/19/24

to rundeck-discuss

Hello,

Yes, that env variable is also set up.

Kind Regards,

Cristina Ruscau

rac...@rundeck.com

unread,

Mar 19, 2024, 2:16:54 PM3/19/24

to rundeck-discuss

Also, Check this. Could you check your proxy/web server config?

Reply all

Reply to author

Forward