Issue with Display in Chrome/Edge - Page Remains Blank

• Used Zammad version: 6.1.0-1695370857.23872500.bookworm
• Used Zammad installation type: source (GitHub - bashclub/zamba-lxc-toolbox: Zamba LXC Toolbox a script collection to setup LXC containers on Proxmox + ZFS. Zamba is the fusion of ZFS and Samba (standalone, active directory dc or active directory member), preconfigured to access ZFS snapshots by "Previous Versions" to easily recover encrypted by ransomware files, accidently deleted files or just to revert changes.)
• Operating system: Debian12
• Browser + version: Chrome v117.0.5938.92 / Edge v117.0.2045.41 / FireFox 117.0.1

After a fresh installation, I can no longer access the page with Chrome/Edge. The page remains blank and displays the following errors:

grafik552×633 26.7 KB

– Content Security Policy blocks inline execution of scripts and stylesheets

1. Refused to execute inline script because it violates the following Content Security Policy directive: “script-src *”. Either the ‘unsafe-inline’ keyword, a hash (‘sha256-DDOFFxFZ+6vopqhWBYh1vLBG96qyi1TnFD77q6SaBiE=’), or a nonce (‘nonce-…’) is required to enable inline execution.

2. Refused to execute inline script because it violates the following Content Security Policy directive: “script-src *”. Either the ‘unsafe-inline’ keyword, a hash (‘sha256-Xm9+UbE9a5ZWWwqa5EmASox0HS8xJgaAmgq2f7VrXOQ=’), or a nonce (‘nonce-…’) is required to enable inline execution.

3. Refused to apply inline style because it violates the following Content Security Policy directive: “style-src *”. Either the ‘unsafe-inline’ keyword, a hash (‘sha256-OscGv6ROJz45t1NaoBCVRmnvap1ElR24EWQuJWrwaQc=’), or a nonce (‘nonce-…’) is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the ‘unsafe-hashes’ keyword is present.

4. Refused to apply inline style because it violates the following Content Security Policy directive: “style-src *”. Either the ‘unsafe-inline’ keyword, a hash (‘sha256-OscGv6ROJz45t1NaoBCVRmnvap1ElR24EWQuJWrwaQc=’), or a nonce (‘nonce-…’) is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the ‘unsafe-hashes’ keyword is present.

I can log in and work normally with Firefox, and there were no errors during the installation process.
It was installed using the script from the LXC-Toolbox by Bashclub: Bash Club · GitHub

How can I resolve this problem?

Thank you & best regards from Vienna.

The installation script you mentioned is not an official installation method of Zammad.
The last time I had a look at that script it did some sketchy host file blocking.

I have not qualified if it does change files, if it does, there might be your problem.
Please use consider cross checking this issue by installing Zammad on a machine per documnetation:
https://docs.zammad.org/en/latest/install/package.html

This topic was automatically closed 360 days after the last reply. New replies are no longer allowed.