Hello all,
I am trying to get a custom domain setup but I keep getting this:
My github is here:
Any help would be appreciated.
Kind regards,
my guess is that your .ic-assets.json file has a ‘5’ at the end
[
{
"match": "**/*",
"headers": {
// Security: The Content Security Policy (CSP) given below aims at working with many apps rather than providing maximal security.
// We recommend tightening the CSP for your specific application. Some recommendations are as follows:
// - Use the CSP Evaluator (https://csp-evaluator.withgoogle.com/) to validate the CSP you define.
// - Follow the “Strict CSP” recommendations (https://csp.withgoogle.com/docs/strict-csp.html). However, note that in the context of the IC,
// nonces cannot be used because the response bodies must be static to work well with HTTP asset certification.
// Thus, we recommend to include script hashes (in combination with strict-dynamic) in the CSP as described
// in https://csp.withgoogle.com/docs/faq.html in section “What if my site is static and I can't add nonces to scripts?”.
// See for example the II CSP (https://github.com/dfinity/internet-identity/blob/main/src/internet_identity/src/http.rs).
// - It is recommended to tighten the connect-src directive. With the current CSP configuration the browser can
// make requests to https://*.ic0.app, hence being able to call any canister via https://ic0.app/api/v2/canister/{canister-ID}.
// This could potentially be used in combination with another vulnerability (e.g. XSS) to exfiltrate private data.
// The developer can configure this policy to only allow requests to their specific canisters,
// e.g: connect-src 'self' https://ic0.app/api/v2/canister/{my-canister-ID}, where {my-canister-ID} has the following format: aaaaa-aaaaa-aaaaa-aaaaa-aaa
// - It is recommended to configure style-src, style-src-elem and font-src directives with the resources your canister is going to use
// instead of using the wild card (*) option. Normally this will include 'self' but also other third party styles or fonts resources (e.g: https://fonts.googleapis.com or other CDNs)
show original
I think it wont include the .well-known since that name is off and then you get that error
Why has every project I created got an ic-assets.json5 if having this 5 at the end of the file is so bad?
I didn’t add the 5, dfx new did.
Indeed curl -l https://bgpwv-eqaaa-aaaal-qb6eq-cai.icp0.io/.well-known/ic-domains does not return the expected domain.
When you npm run build, does your dist folder contains a ./well-known/ic-domains file?
Yeah I’ve managed to get it to create the folder by making the following adjustment in my webpack:
The issue was solved as following:
remove 5 from .ic-assets.json5 → .ic-assets.json as @Gekctek suggested
remove duplicate files .ic-assets.json within repo (there was one in src and two in assets folder)
keep a single .ic-assets.json in src/frontend/assets
move src/.well-known to src/frontend/assets/.well-known
update webpack.config to copy both assets/.ic-assets.json and assets/.well-known to dist folder
After clean-up and re-deploy, OP was able to order the custom domain.
P.S.: Since this is the second or third time this week that I provide support for the exact same issue, I would like to mention that this issue never occurs in Juno , where the configuration is automatically set for the developer.
4 Likes
