Codimd: Speaker Mode is broken

Created on 4 Jul 2018  路  9Comments  路  Source: hackmdio/codimd

Hey!

I used to make presentations with HackMD but now it seems like Revealjs's speaker mode (press s in slide mode) is broken and doesn't show anything.

Would love to see a quick fix!

bug upstream
Source
picture NeoLegends

Most helpful comment

I provided a fix upstream, let's see if it makes it. Otherwise we may need to maintain a fork.

/cc @jackycute

picture SISheogorath on 4 Jul 2018
👍3

All 9 comments

Seems to be related to a CSP error. Not sure why it appears, though. There is no CSP rule in the notes.html, neither is there a manifest for hackmd.io.

Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' vimeo.com https://gist.github.com www.slideshare.net https://query.yahooapis.com 'unsafe-eval' https://cdnjs.cloudflare.com https://cdn.mathjax.org https://www.google.com https://apis.google.com https://docs.google.com https://www.dropbox.com https://*.disqus.com https://*.disquscdn.com https://www.google-analytics.com https://stats.g.doubleclick.net https://secure.quantserve.com https://rules.quantcount.com https://pixel.quantserve.com https://js.driftt.com https://www.googletagmanager.com https://cdn.ravenjs.com 'nonce-3ebfb86a-ba2f-424b-8b2d-295299d7e8f8' 'sha256-EtvSSxRwce5cLeFBZbvZvDrTiRoyoXbWWwvEVciM5Ag=' 'sha256-NZb7w9GYJNUrMEidK01d3/DEtYztrtnXC/dQw7agdY4='". Either the 'unsafe-inline' keyword, a hash ('sha256-L0TsyAQLAc0koby5DCbFAwFfRs9ZxesA+4xg0QDSrdI='), or a nonce ('nonce-...') is required to enable inline execution.

NeoLegends picture NeoLegends on 4 Jul 2018

Thanks for the report!

This is caused by our CSP. I'm not sure if you run a self-hosted instance, on our demo instance https://hackmd-ce.herokuapp.com (not recommended) or on hackmd.io.

If it's hackmd.io, please open an issue in https://github.com/hackmdio/hackmd-io-issues/issues

On a self-hosted instance (if it's really urgent) I would suggest to temporarily disable the CSPs.

SISheogorath picture SISheogorath on 4 Jul 2018

This is hackmd.io. I'll open an issue there.

NeoLegends picture NeoLegends on 4 Jul 2018
👍1

I provided a fix upstream, let's see if it makes it. Otherwise we may need to maintain a fork.

/cc @jackycute

SISheogorath picture SISheogorath on 4 Jul 2018
👍3

I fixed it by adding the hash sha256-L0TsyAQLAc0koby5DCbFAwFfRs9ZxesA+4xg0QDSrdI= into our CSP scriptSrc directives.

jackycute picture jackycute on 5 Jul 2018

So can this be closed then? Is the fix already live?

NeoLegends picture NeoLegends on 5 Jul 2018

I will close this when this fix deploy on server.

jackycute picture jackycute on 5 Jul 2018
👍1

hackmd.io have fixed this issue, now this issue left for CodiMD.

jackycute picture jackycute on 5 Jul 2018
👍1

Fixed in CodiMD as well now. I'll close this while having an eye on the upstream change I send.

SISheogorath picture SISheogorath on 5 Jul 2018
Was this page helpful?
0 / 5 - 0 ratings

Related issues

Nebukadneza picture Nebukadneza  路  3Comments
Someniak picture Someniak  路  3Comments
SISheogorath picture SISheogorath  路  4Comments
yaxu picture yaxu  路  4Comments
arnisoph picture arnisoph  路  5Comments