Forge Tunnel is throwing a CSP violation when using
react-scripts start with Forge Tunnel which causes
@atlaskit components to not have styles applied. Deploying the app fully works as expected, but when using Tunnel for development the elements lose their styles.
CSP violation detected for 'style-src-elem' while serving content at http://localhost:8001/
My resource definition for the custom ui, with
react-scripts start hosting the server at
- key: view
Example (dummy data from Harvest API docs) of
@atlaskit/code/CodeBlock while tunnel is active:
Tunnel not active:
Anyone had a similar experience or know what I might be doing wrong?
Hi @JackA can you try adding this to the manifest.yml see if it fixes your issue?
Thanks for the reply! I probably should have stated this in the original post but I do already have that set in the manifest and unfortunately it doesn’t solve the issue.
Could you please check if there’s any error in browser logs?
Yes, there are a large number of these errors:
sheet.browser.esm.js:115 Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-+R65CJnZhz/KTm2VOloS25qX7Hnl0H1klKP722q2h6c='), or a nonce ('nonce-...') is required to enable inline execution.
And I can confirm again that the
manifest.yml does contain:
Hi @JackA, I can reproduce the issue on my end. I’ll do some investigation and update you later.
Hi @JackA, sorry for the late reply. The issue is caused by the browser cache. If you Disable the cache in your browser and refresh the page should solve the problem.