Skip to main content
Question

Content Security Policy issue on SSO login page

  • May 27, 2025
  • 1 reply
  • 7 views
C
Forum|alt.badge.img

I use Box through my workplace at the University of Chicago.  Until very recently, I was able to connect to the Box portal at https://uchicago.account.box.com/login then log in with SSO.  This is using Pale Moon web browser.  Starting this week, I was instead redirected to a blank page that is titled Submit Form.

Accessing the web console gives the following error:

GET 
https://sso.services.box.net/sp/startSSO.ping
Content Security Policy: The page’s settings blocked the loading of a resource at inline (“default-src”). Source: 
        window.onload = function() {
  ....

Disabling Content Security allows for the SSO to go through.  Box works fine afterward, including if content security policy is re-enabled.

The same University SSO works fine for other websites.

    1 reply

    C
    Forum|alt.badge.img
    • community-manager
    • Author
    • Box Employee
    • 34738 replies
    • May 27, 2025

    Hi Jeffrey, 

    Welcome to Box Community and happy to assist!

    As much as we wanted to address this issue with you. Your Enterprise account has a designated team that works closely with Box Premier Services.

    At this rate, please get in touch with your internal helpdesk team for immediate assistance.

    Thanks for posting!


    Terms & ConditionsCookie settingsAccessibility statement