Resulting in: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='), or a nonce ('nonce-...') is required to enable inline execution.
When I try to login using working login it just loops back to show the same login screen.
Hi,
As the message below it says - A single error about an inline script not firing due to content security policy is expected. This is unfortunate, and we have an issue open to fix this behavior. So I don't think this is related to your issue.
Users you are sharing this with must have Kibana access to view an embedded dashboard.
Have you managed to share any other dashboard? Do they all result in the same problem?
Hello! I faced the same problem today. Kibana is loaded into the iframe, and constantly asks for a login-password, I enter the correct login-password, but does not let it into the interface and again requires input. The errors in the console are the same. I registered in kibana.yml - csp.rules: "frame-src http: // localhost: 8080" - it does not help. Tell me how to completely disable CSP for Kibana? I don't need CSP.
At the same time - if you open the link (which opens in an iframe) in a separate tab - everything works correctly
Thanks for reporting this @Sharry_Stowell and @User4. We've been getting several reports of this issue. Before digging into this further, could I just ask you to confirm your Kibana version and browser version you're using?
Thanks for noticing this issue! The version of the Google Chrome browser is 83.0.4103.97. Kibana version v 7.8.0. In Firefox 76.0 (64-bit) has no problem, Kibana loads correctly
We've had a similar issue after the latest Chrome upgrade. The solution there was to set sameSiteCookies: None in kibana.yml and use https (otherwise Chrome won't respect the setting). This will work for Kibana versions 7.8.1 and above
But this other error was only affecting the latest Chrome - 84.0.4147.135 - which neither of you are using, so I'm not sure if this is the same issue or if the solution would help you.
Could you try this and let me know if the issue still persists?
My version of the Google Chrome browser is 85.0.4183.83 (64-bit). Kibana version v 7.7.1.
I've included kibana dashboard into my external web application which I'm running locally and kibana is in cloud. A week before it was working perfectly. But from start of this week, I'm getting this error "A single error about an inline script not firing due to content security policy is expected" . Kindly help me out from this issue. Thanks in advance!!
Hi, as the message says - a single error is expected. That error message has been there for a while. If Kibana is loading fine, you shouldn't worry about that particular error message.
Still continuing with same problem as I mentioned above. Kibana cloud is working absolutely fine. But I couldn't access in my external application. Getting this below error. I couldn't get proper source of the problem and solution. Kindly help me out.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.