I’ve just installed nextcloud and have some icons that aren’t rendering. On further inspection, this is because the css elements in spans where they appear (icon-shared being one example) are making reference to a variable that hasn’t been set. At the same time, I’m seeing this in my javascript console:
Content Security Policy: The page's settings blocked the loading of a resource at inline ("script-src").
I can see my Content-Security-Policy is set as:
Content-Security-Policy: default-src 'self'; script-src 'self' 'nonce-...='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
It just isn’t clear to me why this is the way it is, or where to change it. Is there a specific config area I can use to change the CSP but in an additive way so I don’t destroy what’s there already?