Content-security problem with Yunohost Instance

Hello everyone, I am hosting my PeerTube Instance with yunohost on the remote server, and I keep having problems with Content-Security:

Снимок экрана 2021-03-25 в 12.18.122628×474 513 KB

[Report Only] Refused to connect to ‹ wss://pocketnetpeertube3.nohost.me/socket.io/?accessToken=c699a6131f3e5d2add6b015bd7bd0d954bba68de&EIO=4&transport=websocket&sid=2tR0ufOVXq_tmKnZAAAC › because it violates the following Content Security Policy directive: « default-src https: data: ‹ unsafe-inline › ‹ unsafe-eval › ». Note that ‹ connect-src › was not explicitly set, so ‹ default-src › is used as a fallback.

[Report Only] Refused to load media from ‹ blob:https://pocketnetpeertube3.nohost.me/818c4d38-47d1-48e6-a6bc-75aa2e54d6b4 › because it violates the following Content Security Policy directive: « default-src https: data: ‹ unsafe-inline › ‹ unsafe-eval › ». Note that ‹ media-src › was not explicitly set, so ‹ default-src › is used as a fallback.

[Report Only] Refused to create a worker from ‹ blob:https://pocketnetpeertube3.nohost.me/7c9c9890-ceab-48ef-ad7c-9e6e3756ab51 › because it violates the following Content Security Policy directive: « default-src https: data: ‹ unsafe-inline › ‹ unsafe-eval › ». Note that ‹ worker-src › was not explicitly set, so ‹ default-src › is used as a fallback.

Is there any simple way to fix this, because with Yunohost I have no access to nginx config.

Thanks for your attention.

Hi @zanhesl,

Short answer is no, you don’t have any way to fix this simply. I suggest getting in touch with https://github.com/YunoHost-Apps/peertube_ynh for further support regarding this YunoHost package.

Thank you for your answer! But does it mean, that webtorrent is not used at all? I am still getting peers (according to player’s counter), and WS-connection in the console tab shows that it is active.

The errors are just reports, not real errors, as mentioned in their text. So no, it shouldn’t prevent WebTorrent from working.