[GH-ISSUE #895] [BUG]: Content-Security-Policy #535

Closed
opened 2026-02-22 18:20:00 -05:00 by yindo · 7 comments
Owner

Originally created by @olariuromeo on GitHub (Mar 12, 2024).
Original GitHub issue: https://github.com/Mintplex-Labs/anything-llm/issues/895

How are you running AnythingLLM?

Docker (local)

What happened?

Refused to load the image 'favicon.png' because it violates the following Content Security Policy directive: "default-src 'none'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

Are there known steps to reproduce?

setup env.production and start the website with https port 443 this its my config in nginx Content-Security-Policy "default-src 'none'; img-src 'self' data: blob:; connect-src 'self'; script-src 'self'"

Originally created by @olariuromeo on GitHub (Mar 12, 2024). Original GitHub issue: https://github.com/Mintplex-Labs/anything-llm/issues/895 ### How are you running AnythingLLM? Docker (local) ### What happened? Refused to load the image 'favicon.png' because it violates the following Content Security Policy directive: "default-src 'none'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback. ### Are there known steps to reproduce? setup env.production and start the website with https port 443 this its my config in nginx `Content-Security-Policy "default-src 'none'; img-src 'self' data: blob:; connect-src 'self'; script-src 'self'" `
yindo added the possible bug label 2026-02-22 18:20:00 -05:00
yindo closed this issue 2026-02-22 18:20:00 -05:00
Author
Owner

@timothycarambat commented on GitHub (Mar 12, 2024):

This is not a bug with the code, its likely a setting for NGNIX

server {
 	listen 80;
 	server_name domain.com;
 	return 301 https://domain.com$request_uri;
 }

 server {
 	listen 443 ssl;
 	ssl on;
 	server_name domain.com;
 	ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
 	ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;	
 	location / {
           proxy_buffering off;
           proxy_cache off;
           proxy_pass http://ip-address-here:3001$request_uri;
 	}
 }

You should probably use a proxy and not connect a 443 directly to the machine IP.

@timothycarambat commented on GitHub (Mar 12, 2024): This is not a bug with the code, its likely a setting for NGNIX ``` server { listen 80; server_name domain.com; return 301 https://domain.com$request_uri; } server { listen 443 ssl; ssl on; server_name domain.com; ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; location / { proxy_buffering off; proxy_cache off; proxy_pass http://ip-address-here:3001$request_uri; } } ``` You should probably use a proxy and not connect a 443 directly to the machine IP.
Author
Owner

@olariuromeo commented on GitHub (Mar 12, 2024):

yes I use a caddy proxy , and nginx in the backend,

.env file

MY_HOSTNAME=www.exemple.com

LETSENCRYPT_EMAIL=ssl@exemple.com

cadyfile:

 {$MY_HOSTNAME} {
      log {
            output discard
      }
    
      tls {MY_HOSTNAME_TLS}
    
      @api {
            path /config
            path /healthz
            path /stats/errors
            path /stats/checker
      }
    
      @static {
            path /static/*
      }
    
      @notstatic {
            not path /static/*
      }
    
      @imageproxy {
            path /image_proxy
      }
    
      @notimageproxy {
            not path /image_proxy
      }
    
      header {
            # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS
            Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
    
            # Enable cross-site filter (XSS) and tell browser to block detected attacks
            X-XSS-Protection "1; mode=block"
    
            # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
            X-Content-Type-Options "nosniff"
    
            # Disable some features
            Permissions-Policy "accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),encrypted-media=(),focus-without-user-activation=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),speaker=(),sync-xhr=(),usb=(),vr=()"
    
            # Disable some features (legacy)
            Feature-Policy "accelerometer 'none';ambient-light-sensor 'none'; autoplay 'none';camera 'none';encrypted-media 'none';focus-without-user-activation 'none'; geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none'; speaker 'none';sync-xhr 'none';usb 'none';vr 'none'"
    
            # Referer
            Referrer-Policy "no-referrer"
    
            # X-Robots-Tag
            X-Robots-Tag "noindex, noarchive, nofollow"
    
            # Remove Server header
            -Server
      }
    
      header @api {
            Access-Control-Allow-Methods "GET, OPTIONS"
            Access-Control-Allow-Origin  "*"
      }
    
      # Cache
      header @static {
            # Cache
            Cache-Control "public, max-age=31536000"
            defer
      }
    
      header @notstatic {
            # No Cache
            Cache-Control "no-cache, no-store"
            Pragma "no-cache"
      }
    
      # CSP (see http://content-security-policy.com/ )
      header @imageproxy {
            Content-Security-Policy "default-src 'none'; img-src 'self' data: https://exemple.com"
      }
    
      header @notimageproxy {
            Content-Security-Policy "upgrade-insecure-requests; default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; form-action 'self'; font-src 'self'; frame-ancestors 'self'; base-uri 'self'; connect-src 'self'"
      }
    
      # 
      handle {
            encode zstd gzip
    
            reverse_proxy 0.0.0.0:3001 {
                   header_up X-Forwarded-Port {http.request.port}
                   header_up X-Forwarded-Proto {http.request.scheme}
                   header_up X-Real-IP {remote_host}
            }
      }
    
    }
AND NGINX CONFIG
exemple.com.conf:
   location / {
      # Prevent timeouts on long-running requests.
      proxy_connect_timeout       605;
      proxy_send_timeout          605;
      proxy_read_timeout          605;
      send_timeout                605;
      keepalive_timeout           605;
      proxy_pass  http://0.0.0.0:3001;
    }

EVERYTHING WORKS CORRECTLY EXCEPT THE IMAGES

@olariuromeo commented on GitHub (Mar 12, 2024): yes I use a caddy proxy , and nginx in the backend, .env file ``` MY_HOSTNAME=www.exemple.com LETSENCRYPT_EMAIL=ssl@exemple.com ``` cadyfile: ``` {$MY_HOSTNAME} { log { output discard } tls {MY_HOSTNAME_TLS} @api { path /config path /healthz path /stats/errors path /stats/checker } @static { path /static/* } @notstatic { not path /static/* } @imageproxy { path /image_proxy } @notimageproxy { not path /image_proxy } header { # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" # Enable cross-site filter (XSS) and tell browser to block detected attacks X-XSS-Protection "1; mode=block" # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type X-Content-Type-Options "nosniff" # Disable some features Permissions-Policy "accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),encrypted-media=(),focus-without-user-activation=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),speaker=(),sync-xhr=(),usb=(),vr=()" # Disable some features (legacy) Feature-Policy "accelerometer 'none';ambient-light-sensor 'none'; autoplay 'none';camera 'none';encrypted-media 'none';focus-without-user-activation 'none'; geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none'; speaker 'none';sync-xhr 'none';usb 'none';vr 'none'" # Referer Referrer-Policy "no-referrer" # X-Robots-Tag X-Robots-Tag "noindex, noarchive, nofollow" # Remove Server header -Server } header @api { Access-Control-Allow-Methods "GET, OPTIONS" Access-Control-Allow-Origin "*" } # Cache header @static { # Cache Cache-Control "public, max-age=31536000" defer } header @notstatic { # No Cache Cache-Control "no-cache, no-store" Pragma "no-cache" } # CSP (see http://content-security-policy.com/ ) header @imageproxy { Content-Security-Policy "default-src 'none'; img-src 'self' data: https://exemple.com" } header @notimageproxy { Content-Security-Policy "upgrade-insecure-requests; default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; form-action 'self'; font-src 'self'; frame-ancestors 'self'; base-uri 'self'; connect-src 'self'" } # handle { encode zstd gzip reverse_proxy 0.0.0.0:3001 { header_up X-Forwarded-Port {http.request.port} header_up X-Forwarded-Proto {http.request.scheme} header_up X-Real-IP {remote_host} } } } ``` ``` AND NGINX CONFIG exemple.com.conf: location / { # Prevent timeouts on long-running requests. proxy_connect_timeout 605; proxy_send_timeout 605; proxy_read_timeout 605; send_timeout 605; keepalive_timeout 605; proxy_pass http://0.0.0.0:3001; } ``` EVERYTHING WORKS CORRECTLY EXCEPT THE IMAGES
Author
Owner

@olariuromeo commented on GitHub (Mar 12, 2024):

The problem is that I don't know how to configure it. I have several sites already configured on cady and I cannot make another server because it is only one server and they are all managed by cady, so I could not use another separate session of nginx on port 443, so it must be configured correctly theContent-Security-Policy for this app in order to work. This is a template that we already use on other sites, it is a standard one, so it should be configured for anythingllm to work, but I don't know very well the structure of the folders, how it should be set and what are the correct directives for anythingllm, your configuration has no reference in this sense, the one that exposes the application to attacks https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP

@olariuromeo commented on GitHub (Mar 12, 2024): The problem is that I don't know how to configure it. I have several sites already configured on cady and I cannot make another server because it is only one server and they are all managed by cady, so I could not use another separate session of nginx on port 443, so it must be configured correctly the`Content-Security-Policy` for this app in order to work. This is a template that we already use on other sites, it is a standard one, so it should be configured for anythingllm to work, but I don't know very well the structure of the folders, how it should be set and what are the correct directives for anythingllm, your configuration has no reference in this sense, the one that exposes the application to attacks [https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP)
Author
Owner

@timothycarambat commented on GitHub (Mar 12, 2024):

We do necessary escaping and render-blocking of SVG assets (which would be a XSS vector) so unless you are working with totally untrusted users on your AnythingLLM instance, you could modify your policy to remove this chunk?

 header @imageproxy {
            Content-Security-Policy "default-src 'none'; img-src 'self' data: https://exemple.com"
      }
@timothycarambat commented on GitHub (Mar 12, 2024): We do necessary escaping and render-blocking of SVG assets (which would be a XSS vector) so unless you are working with _totally untrusted_ users on your AnythingLLM instance, you could modify your policy to remove this chunk? ``` header @imageproxy { Content-Security-Policy "default-src 'none'; img-src 'self' data: https://exemple.com" } ```
Author
Owner

@olariuromeo commented on GitHub (Mar 12, 2024):

This is not a bug with the code, its likely a setting for NGNIX

server {
 	listen 80;
 	server_name domain.com;
 	return 301 https://domain.com$request_uri;
 }

 server {
 	listen 443 ssl;
 	ssl on;
 	server_name domain.com;
 	ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
 	ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;	
 	location / {
           proxy_buffering off;
           proxy_cache off;
           proxy_pass http://ip-address-here:3001$request_uri;
 	}
 }

You should probably use a proxy and not connect a 443 directly to the machine IP.

It's really hard to find a black cat in a dark room if it doesn't exist yet

@olariuromeo commented on GitHub (Mar 12, 2024): > This is not a bug with the code, its likely a setting for NGNIX > > ``` > server { > listen 80; > server_name domain.com; > return 301 https://domain.com$request_uri; > } > > server { > listen 443 ssl; > ssl on; > server_name domain.com; > ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; > ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; > location / { > proxy_buffering off; > proxy_cache off; > proxy_pass http://ip-address-here:3001$request_uri; > } > } > ``` > > You should probably use a proxy and not connect a 443 directly to the machine IP. It's really hard to find a black cat in a dark room if it doesn't exist yet
Author
Owner

@olariuromeo commented on GitHub (Mar 12, 2024):

We do necessary escaping and render-blocking of SVG assets (which would be a XSS vector) so unless you are working with totally untrusted users on your AnythingLLM instance, you could modify your policy to remove this chunk?

Of course I can edit it, the question is what would be the correct settings for anythingllm? There are also some other images on the application, logo and icons etc the error is not limited to the 'favicon.png'. I have a very long list of errors that are generally related to images,

@olariuromeo commented on GitHub (Mar 12, 2024): > We do necessary escaping and render-blocking of SVG assets (which would be a XSS vector) so unless you are working with _totally untrusted_ users on your AnythingLLM instance, you could modify your policy to remove this chunk? Of course I can edit it, the question is what would be the correct settings for anythingllm? There are also some other images on the application, logo and icons etc the error is not limited to the 'favicon.png'. I have a very long list of errors that are generally related to images,
Author
Owner

@timothycarambat commented on GitHub (Mar 12, 2024):

I would say yes, that would be correct. AnythingLLM does not serve images as a file server, we actually return them as blobs to render them - which is probably why this error is occurring.

@timothycarambat commented on GitHub (Mar 12, 2024): I would say yes, that would be correct. AnythingLLM does not serve images as a file server, we actually return them as blobs to render them - which is probably why this error is occurring.
yindo changed title from [BUG]: Content-Security-Policy to [GH-ISSUE #895] [BUG]: Content-Security-Policy 2026-06-05 14:35:51 -04:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Mintplex-Labs/anything-llm#535