【问题标题】:CSP Error in Eclipse Scout (One Day Tutorial)?Eclipse Scout 中的 CSP 错误(一日教程)?
【发布时间】:2022-06-22 17:35:46
【问题描述】:

我目前在 Eclipse Scout Framework 的 one day tutorial 上,而我正好被困在 this 部分。我不认为我的问题是特定于教程的,这就是为什么我在这里问我的问题:突然,当我尝试在我的侦察本地主机环境中打开一个菜单时;我在浏览器中收到“拒绝访问”消息,Java 控制台返回以下日志:

2022-04-06 22:27:06,597 WARN  [qtp1600667055-41] org.eclipse.scout.rt.server.commons.authentication.DevelopmentAccessController.handle(DevelopmentAccessController.java:66) - 
+++ Development access control with user xxx.yyy - MDC[]
2022-04-06 22:27:06,875 INFO  [qtp1600667055-33] org.eclipse.scout.rt.ui.html.csp.ContentSecurityPolicyReportHandler.log(ContentSecurityPolicyReportHandler.java:80) - CSP-REPORT: {
  "csp-report": {
    "blocked-uri": "inline",
    "column-number": 797897,
    "document-uri": "http:\/\/localhost:8082\/",
    "line-number": 71,
    "original-policy": "img-src 'self'; style-src 'self' 'unsafe-inline'; child-src *; default-src 'self'; report-uri http:\/\/localhost:8082\/csp-report; script-src 'self'",
    "referrer": "",
    "source-file": "moz-extension",
    "violated-directive": "script-src"
  }
} - MDC[principal=xxx.yyy, 
httpUri=/csp-report, 
cid=d3e5c2b5-19b8-4f62-b512-56bbd82eb685]
2022-04-06 22:27:07,
575 INFO  [scout-model-thread-4 Starting ClientSession [sessionId=v6r80rs8kch0k2pohlnc4u4n2917m8ohb0smftl2jbf4a62i7ah]] org.eclipse.scout.rt.client.AbstractClientSession.start(AbstractClientSession.java:294) - Client session started [session=org.eclipse.scout.contacts.client.ClientSession@49956588[id = v6r80rs8kch0k2pohlnc4u4n2917m8ohb0smftl2jbf4a62i7ah], user=xxx.yyy] - MDC[principal=xxx.yyy, httpUri=/json, jobName=Starting ClientSession [sessionId=v6r80rs8kch0k2pohlnc4u4n2917m8ohb0smftl2jbf4a62i7ah], cid=Sq8Jw6Nn9Gq/1]
2022-04-06 22:27:07,575 INFO  [qtp1600667055-45] org.eclipse.scout.rt.ui.html.UiSession.getOrCreateClientSession(UiSession.java:303) - Created new client session [clientSessionId=v6r80rs8kch0k2pohlnc4u4n2917m8ohb0smftl2jbf4a62i7ah, userAgent=HTML|DESKTOP|FIREFOX|WINDOWS|Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0] - MDC[principal=xxx.yyy, httpUri=/json, cid=Sq8Jw6Nn9Gq/1]
2022-04-06 22:27:07,575 INFO  [qtp1600667055-45] org.eclipse.scout.rt.ui.html.UiThemeHelper.getConfiguredTheme(UiThemeHelper.java:59) - UI theme configured in config.properties: default - MDC[principal=xxx.yyy, httpUri=/json, cid=Sq8Jw6Nn9Gq/1]
2022-04-06 22:27:07,591 INFO  [scout-model-thread-10 Starting JsonClientSession] org.eclipse.scout.rt.ui.html.json.MainJsonObjectFactory.getFactories(MainJsonObjectFactory.java:36) - Using following object factories: [org.eclipse.scout.rt.ui.html.JsonObjectFactory@7646906d] - MDC[principal=xxx.yyy, httpUri=/json, scoutSession=v6r80rs8kch0k2pohlnc4u4n2917m8ohb0smftl2jbf4a62i7ah, jobName=Starting JsonClientSession, cid=Sq8Jw6Nn9Gq/1]
2022-04-06 22:27:07,701 INFO  [qtp1600667055-45] org.eclipse.scout.rt.ui.html.UiSession.init(UiSession.java:264) - UiSession with ID 1:gsk4adjmlv49n219mb0v7ono8bfv2g3bo4kdiimvse5duppfdl4 initialized - MDC[principal=xxx.yyy, httpUri=/json, cid=Sq8Jw6Nn9Gq/1]
2022-04-06 22:27:07,717 INFO  [qtp1600667055-45] org.eclipse.scout.rt.ui.html.json.JsonMessageRequestHandler.createUiSession(JsonMessageRequestHandler.java:362) - Created new UI session with ID 1:gsk4adjmlv49n219mb0v7ono8bfv2g3bo4kdiimvse5duppfdl4 in 558.412900 ms [maxIdleTime=14400s, httpSession.maxInactiveInterval=3600s] - MDC[principal=xxx.yyy, httpUri=/json, cid=Sq8Jw6Nn9Gq/1]
2022-04-06 22:27:11,793 INFO  [scout-model-thread-18 Processing JSON request] org.eclipse.scout.rt.platform.exception.ExceptionHandler.handlePlatformException(ExceptionHandler.java:125) - VetoException: Zugriff verweigert [severity=ERROR, user=xxx.yyy, remote-service.name=org.eclipse.scout.contacts.shared.person.IPersonService, remote-service.operation=prepareCreate, form=org.eclipse.scout.contacts.client.person.PersonForm, ui.event=action, ui.adapter=Menu[id=5, modelClass=org.eclipse.scout.contacts.client.Desktop$QuickAccessMenu$NewPersonMenu, parentId=4]] - MDC[principal=xxx.yyy, httpUri=/json, uiSession=1:gsk4adjmlv49n219mb0v7ono8bfv2g3bo4kdiimvse5duppfdl4, scoutSession=v6r80rs8kch0k2pohlnc4u4n2917m8ohb0smftl2jbf4a62i7ah, jobName=Processing JSON request, cid=Bp3cD7ar8Gp/4]

在我看来,某处似乎存在内容安全策略问题,但不知道是否是这种情况,如果是的话,如何解决该问题,即使现在已经研究了很长时间。

帮助?

【问题讨论】:

    标签: java eclipse eclipse-scout


    【解决方案1】:

    您是否在浏览器中运行某种广告拦截器或隐私插件?这将解释报告的 CSP 错误。默认情况下,CSP 规则会阻止内联 JavaScript 代码(例如 <script>...</script>)。 Scout 本身不使用内联代码。因此,浏览器插件很可能已将代码注入页面。报告的“源文件”(“moz-extension”)也暗示了这一点。

    访问被拒绝错误可能不是由 CSP 规则引起的。根据日志文件,点击成功调度到UI服务器上对应的Menu实例。该代码通过服务隧道调用后端服务 (IPersonService),但失败并出现异常。这里有很多可能出错的地方:

    • 后端未运行。
    • 后端正在运行,但未处于有效状态。
    • UI服务器和后端服务器的Auth keys不匹配,无法安全建立服务隧道。检查配置属性 scout.auth.privateKeyscout.auth.publicKey 的值。如有必要,请使用 SecurityUtility 创建一个新对。
    • 用户没有必要的权限。对于通过服务隧道对后端的每次调用,都需要RemoteServiceAccessPermission。对于大多数服务,需要特定的权限,例如ReadPersonPermission
    • 用户不存在。

    要分析这些错误,首先检查 UI 服务器和后端服务器的日志。如果这没有帮助,请设置一些断点并单步执行代码。以下是一些作为起点的类:ServerServletFilterServiceTunnelServletAccessControlService

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 1970-01-01
      • 2015-02-18
      • 1970-01-01
      • 2016-10-09
      • 1970-01-01
      • 1970-01-01
      • 2020-04-28
      • 2016-04-24
      相关资源
      最近更新 更多