Bugs Getting URI::InvalidURIError: Invalid data URI with

<div class="snippet-clipboard-content notranslate position-relative overflow-auto" data-snippet-clip

URI::InvalidURIError: Invalid data URI about secure_headers HOT 1 CLOSED

istana commented on June 11, 2024 4

URI::InvalidURIError: Invalid data URI

from secure_headers.

Comments (1)

rylanb commented on June 11, 2024

Puma caught this error: bad URI(is not URI?): "blob: rylan.test" (URI::InvalidURIError)
ruby-2.7.6/lib/ruby/2.7.0/uri/rfc3986_parser.rb:67:in `split'
ruby-2.7.6/lib/ruby/2.7.0/uri/rfc3986_parser.rb:73:in `parse'
ruby-2.7.6/lib/ruby/2.7.0/uri/common.rb:234:in `parse'
ruby-2.7.6/lib/ruby/2.7.0/uri/common.rb:737:in `URI'
ruby/2.7.6/gems/secure_headers-6.4.0/lib/secure_headers/headers/content_security_policy.rb:162:in `block in dedup_source_list'
ruby/2.7.6/gems/secure_headers-6.4.0/lib/secure_headers/headers/content_security_policy.rb:162:in `map'
ruby/2.7.6/gems/secure_headers-6.4.0/lib/secure_headers/headers/content_security_policy.rb:162:in `dedup_source_list'
ruby/2.7.6/gems/secure_headers-6.4.0/lib/secure_headers/headers/content_security_policy.rb:136:in `minify_source_list'
ruby/2.7.6/gems/secure_headers-6.4.0/lib/secure_headers/headers/content_security_policy.rb:111:in `build_source_list_directive'
ruby/2.7.6/gems/secure_headers-6.4.0/lib/secure_headers/headers/content_security_policy.rb:59:in `block in build_value'
ruby/2.7.6/gems/secure_headers-6.4.0/lib/secure_headers/headers/content_security_policy.rb:54:in `map'
ruby/2.7.6/gems/secure_headers-6.4.0/lib/secure_headers/headers/content_security_policy.rb:54:in `build_value'
ruby/2.7.6/gems/secure_headers-6.4.0/lib/secure_headers/headers/content_security_policy.rb:40:in `value'
ruby/2.7.6/gems/secure_headers-6.4.0/lib/secure_headers/headers/policy_management.rb:202:in `make_header'
ruby/2.7.6/gems/secure_headers-6.4.0/lib/secure_headers/configuration.rb:211:in `block in generate_headers'
ruby/2.7.6/gems/secure_headers-6.4.0/lib/secure_headers/configuration.rb:209:in `each'
ruby/2.7.6/gems/secure_headers-6.4.0/lib/secure_headers/configuration.rb:209:in `generate_headers'
ruby/2.7.6/gems/secure_headers-6.4.0/lib/secure_headers.rb:145:in `header_hash_for'
ruby/2.7.6/gems/secure_headers-6.4.0/lib/secure_headers/middleware.rb:15:in `call'
ruby/2.7.6/gems/rack-mini-profiler-3.0.0/lib/mini_profiler/profiler.rb:393:in `call'
ruby/2.7.6/gems/webpacker-5.4.3/lib/webpacker/dev_server_proxy.rb:25:in `perform_request'
ruby/2.7.6/gems/rack-proxy-0.7.0/lib/rack/proxy.rb:63:in `call'
ruby/2.7.6/gems/railties-6.0.5.1/lib/rails/engine.rb:527:in `call'
ruby/2.7.6/gems/puma-5.6.4/lib/puma/configuration.rb:252:in `call'
ruby/2.7.6/gems/puma-5.6.4/lib/puma/request.rb:77:in `block in handle_request'
ruby/2.7.6/gems/puma-5.6.4/lib/puma/thread_pool.rb:340:in `with_force_shutdown'
ruby/2.7.6/gems/puma-5.6.4/lib/puma/request.rb:76:in `handle_request'
ruby/2.7.6/gems/puma-5.6.4/lib/puma/server.rb:441:in `process_client'
ruby/2.7.6/gems/puma-5.6.4/lib/puma/thread_pool.rb:147:in `block in spawn_thread'

From a block for local development:

if Rails.env.development?
    config.csp[:connect_src] << 'http://localhost:3035'
    config.csp[:connect_src] << 'ws://localhost:3035'
    config.csp[:style_src] << 'blob: rylan.test'
    config.x_frame_options = 'SAMEORIGIN'
    config.csp[:frame_src] << 'localhost:5000'
    config.csp[:frame_src] << 'rylan.test:5000'
  end

I added the blob: rylan.test awhile back to fix local development issues, but not sure why it broke on updating to secure_headers (6.4.0) yesterday.

from secure_headers.

URI::InvalidURIError: Invalid data URI about secure_headers HOT 1 CLOSED

Comments (1)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent