Solved recaptcha csp bug (propably will lead to other bugs, which then need to be solved)

Solved bigbluebutton bugs
2025-06-24 19:25:32 +02:00 · 2025-06-02 19:14:48 +02:00 · 2025-06-02 19:13:42 +02:00
3 changed files with 18 additions and 6 deletions
--- a/filter_plugins/csp_filters.py
+++ b/filter_plugins/csp_filters.py
@ -91,6 +91,7 @@ class FilterModule(object):
                'frame-ancestors',
                'frame-src',
                'script-src',
+                'script-src-elem',
                'style-src',
                'font-src',
                'worker-src',
@ -115,11 +116,11 @@ class FilterModule(object):
                        tokens.append(f"{web_protocol}://{matomo_domain}")

                # ReCaptcha integration: allow loading scripts from Google if feature enabled
-                if (
-                    self.is_feature_enabled(applications, 'recaptcha', application_id)
-                    and directive == 'script-src'
-                ):
-                    tokens.append('https://www.google.com')
+                if self.is_feature_enabled(applications, 'recaptcha', application_id):
+                    if directive == 'script-src':
+                        tokens.append('https://www.google.com')
+                    if directive == 'script-src-elem':
+                        tokens.append('https://www.gstatic.com')

                # Enable loading via ancestors
                if (
--- a/roles/docker-bigbluebutton/tasks/main.yml
+++ b/roles/docker-bigbluebutton/tasks/main.yml
@ -3,6 +3,11 @@
 - name: "include docker-compose role"
  include_role: 
    name: docker-compose
+  vars:
+    database_instance:  "{{ application_id }}"
+    database_password:  "{{ applications[application_id].credentials.postgresql_secret }}"
+    database_username:  "postgres"
+    database_name:      ""                              # Multiple databases

 - name:                 "Seed BigBlueButton Database for Backup"
  include_tasks:        "{{ playbook_dir }}/roles/backup-docker-to-local/tasks/seed-database-to-backup.yml"
--- a/roles/docker-bigbluebutton/vars/configuration.yml
+++ b/roles/docker-bigbluebutton/vars/configuration.yml
@ -14,4 +14,10 @@ features:
  central_database:   false
 domains:
  canonical:
-    - "meet.{{ primary_domain }}"
+    - "meet.{{ primary_domain }}"
+csp:  
+  flags:
+    script-src:
+      unsafe-inline:  true
+    style-src:
+      unsafe-inline:  true
Author	SHA1	Message	Date
Kevin Veen-Birkenbach	cc9b634bb8	Solved recaptcha csp bug (propably will lead to other bugs, which then need to be solved)	2025-06-02 19:14:48 +02:00
Kevin Veen-Birkenbach	28c298636d	Solved bigbluebutton bugs	2025-06-02 19:13:42 +02:00