Jump to content


  • Content Count

  • Joined

  • Last visited

  1. (Disregard, I fixed it. Can't seem to delete this, so I'll just edit it instead.)
  2. Alright, it's not Cloudflare. For some reason these elements refuse to load with the content security header in place preventing any 3rd party/non-local elements. Any ideas? I've commented the security header out which is a temporary fix at best, but not something I want to push into production.
  3. Good call, it's been amended properly however the issue persists. There should be no caching at the Cloudflare level. Without having to transfer DNS elsewhere just to test, is there anything else you can think of? Temporarily I've disabled the https redirect in my nginx .conf for this domain, and with Cloudflare. I passed traffic straight to the sub-domain, no CF, purged cache. Still no widgets in the admin area. See below:
  4. Ah, and there it is. Content Security Policy: The page’s settings blocked the loading of a resource at inline (“default-src”). Some cookies are misusing the recommended “SameSite“ attribute 2 Content Security Policy: The page’s settings blocked the loading of a resource at inline (“default-src”). onloadwff.js:71:790746 Layout was forced before the page was fully loaded. If stylesheets are not yet loaded this may cause a flash of unstyled content. jquery-1.8.3.min.js:2:91186 Content Security Policy: The page’s settings blocked the loading of a resource at inline (“default-src”). admin:287:
  5. Per the documentation: Neither Auto Minify or Rocket Loader were/are enabled. I cleared CF cache for good measure as well. Is what I'm seeing still related to Cloudflare? Just curious since my site uses CF for SSL Certs, but I can swap those for Let's Encrypt or similar instead of relying on Cloudflare for them if I need to.
  6. Thank you Paul, that certainly did the trick. I had to enable legacy passwords temporarily.
  7. I setup Blesta the other day to take it for a test drive, and I seem to have misplaced (AKA, not saved) my admin details. I tried the password reset, though no email has arrived. Looking at the MySQL tables I see that there is a staff ID 1. which is me, and the email address associated with that ID is in fact correct. But still, not link sent to me. What's the best way to do a reset of this manually?
  8. The pre-existing options do not allow for a large text area as a custom field. I'd like to customers to have the option, when signing up, to copy/paste their public PGP/GPG key during the registration process. Is it possible that a form field option can be added that'd permit them submitting a key, and it retaining it's format in the admin area? Ex: -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2 mQENBF/uXxMBCADW2tTtUQwkzcYh/SlJAgT2e7Pt1eZUpgT0Ig0yJxY7wUmbM31Q mYiisRXflg0gj+qL8cF1bNPV0mdUIVIWqnY3jZIeLodR4+I3HBFp7rpjQnRwtEOb ZbyR74juajp23aKDEXyIQtJ8WkEuvW6lyXwYyIZmTw8aF7
  • Create New...