[12:49:39] <NathanGavenski>	 Hey, I have a machine at VPS Cloud where I configured my external DNS to be able to use my API on a wikidata gadget I've been working on. I can access just fine using https://prove.wmcloud.org/apidocs/, but when I try to use it inside wikidata I get the error:
[12:49:40] <NathanGavenski>	 ```Connecting to 'https://prove.wmcloud.org/api/items/checkItemStatus?qid=Q42395533' violates the following Content Security Policy directive: "default-src 'self' data: blob: upload.wikimedia.org https://commons.wikimedia.org meta.wikimedia.org *.wikimedia.org *.wikipedia.org *.wikinews.org *.wiktionary.org *.wikibooks.org *.wikiversity.org
[12:49:40] <NathanGavenski>	 *.wikisource.org wikisource.org *.wikiquote.org *.wikidata.org *.wikifunctions.org *.wikivoyage.org *.mediawiki.org wikimedia.org". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback. The policy is report-only, so the violation has been logged but no further action has been taken.```
[12:49:41] <NathanGavenski>	 Is there anything I can do on my end to prevent the CPS violation? Or is this a Wikidata directive?
[13:44:51] <wm-bot>	 !log lucaswerkmeister@tools-bastion-15 tools.lexeme-forms deployed 74bb77b1b4 (l10n updates: el, pl)
[13:44:55] <stashbot>	 Logged the message at https://wikitech.wikimedia.org/wiki/Nova_Resource:Tools.lexeme-forms/SAL
[14:22:12] <dhinus>	 AmandaNP: your user does have access to the utrs project, and I can ssh to the instances, so there is some problem with authentication. can you please open a phab task and include the full output of "ssh -vvv <hostname>"?
[16:38:46] <wm-bb>	 <jeremy_b> I have no idea what you mean about DNS. CSP not CPS. what page is this happening on? (re @wmtelegram_bot: <NathanGavenski> Is there anything I can do on my end to prevent the CPS violation? Or is this a Wikidata directive?)
[16:45:02] <bd808>	 NathanGavenski: there are browser add-ons that can change the CSP protection locally for you. When you use a tool like that you are exposing your web application use to risks that the app authors wanted to protect you from (3rd party content interaction).
[21:23:25] <wm-bb>	 <SOLUTIONEXPERTPLUS> Forwarded from Nasty rabbit Chat: 😘
[21:27:35] <bd808>	 @jeremyb You are a fast moderator! Thanks.
[21:49:20] <wm-bb>	 <jeremy_b> very :) unless I'm probing to see if its maybe somehow a confused legit newbie. or even a compromised account. usually I at least check first for them also being in common with me in any other telegram groups. (re @wmtelegram_bot: <bd808> @jeremyb You are a fast moderator! Thanks.)