Icons from aui-experimental-iconfont cannot be found

Stephan Käser April 18, 2017

I just migrate my JIRA/Confluence to a new server, which I did re-install following the instruction.

I copy the old application home to new server (without dbconfig.xml) & I made all the configuration to make sure they are the same like the old one.

I'm having my JIRA/Confluence running behind nginx, which I reduced the Content-Policy-Header but I still got problem with 

confluence/s/en_GB/6441/7d28db648b08c18ff79fe305b2da56665a84a1fc/5.9.24/_/download/resources/com.atlassian.auiplugin:aui-experimental-iconfont/fonts/atlassian-icons.woff -> return as 404

confluence/s/en_GB/6441/7d28db648b08c18ff79fe305b2da56665a84a1fc/1.0.39/_/download/resources/com.atlassian.confluence.plugins.confluence-dashboard:confluence-dashboard-resources/assets/images/2.0/icon-comment-small.svg  -> return as 404

Screenshot of the error

On my old server, it works just fine and returns as 200.

My confluence version is Atlassian Confluence 5.10.4

My jira version is Atlassian JIRA Project Management Software (v7.2.1#72003-sha1:3448e6b) 

 

 

1 answer

0 votes
AnnWorley
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 22, 2017

I found your support ticket and it looks like you fixed the issue on the NGINX proxy. Are there any details you would like to share with the Community, to help the next person experiencing this issue?

Stephan Käser May 22, 2017

Hi Ann,

Actually the problem is that my Content-policy header doesn't allow JIRA/Confluence to display inline scripts and for the font-src also, so mostly all the inline scripts + fonts files are not being loaded due to failed security policy on NGINX.

So next time if anyone wants to have Confluence/JIRA running behind a proxy like NGINX, please be aware of the content policy header (if has any specified).

But by allowing such a content to be loaded, it violates our security policy as well. Till now I don't find any reason how to eliminate inline-scripts

Thanks for reminding me on this question, Ann ;)

 

Suggest an answer

Log in or Sign up to answer