"CSP violation detected ..." in Forge tunnel while testing Confluence macro


I’m testing a Confluence Macro (Custom-UI) using Forge tunnel.
In general all works fine. But from time to time a warning message appears:

CSP violation detected for 'connect-src' while serving content at http://localhost:8001/
For an app to share data with external resources or use custom CSP, follow the steps in: https://go.atlassian.com/forge-content-security-and-egress-controls

Usually I can continue testing.
But when the additional message appears “CSP violation detected for ‘script-src’ …” the execution stops.
The deployed macro works fine without any error message in the browser console.

Does anyone has a clue why this appears? Is this an issue related to forge tunnel / node / docker?


P.S. Im working on Win10, node v12.19, Docker 4.3.2

Browser log when CSP violation occurs (only when using Forge tunnel):

I’ve noticed this too. Whenever I step away from my computer for a while and return, forge tunnel prompts that error. Once I restart forge tunnel it works again (no CSP error). Now by habit I restart forge tunnel whenever I step away (which is annoying).

Thanks @AB23Sunset. The behaviour you described I know as well.
My description above is different and appears while testing in one session without interruption.

Hi Atlassian staff,
i suspect that the number and volume of forge-bridge calls lead to the forge tunnel problems.
(As already mentioned without forge tunnel all works fine)

Can anyone have a look at this topic and help me please.

Thanks - BR,

After today’s installation of forge cli v2.0.7 I saw also an error in the browser concole:

(Resolver calls are rate limited at 20req/2s)

Does that limitation only occurs in forge tunnel - or is this a general limitation?

I also regularly encounter this problem and it is indeed annoying. It can occur when the tunnel has been inactive for some time as well as while it is in active use. It would be good to know how many others are affected by the same problem. I see no useful error messages and so far I’ve been unable to associate the issue to anything that is under my control. Any hints, anybody?