Safewhere Identify 5.17 - Known issues

This document summarizes known issues and workarounds where available.

Issues related new Angular version and security settings

• Issue #112916: Console error related to angularx-qrcode is logged when registering user authenticator data on the My Profile page of Safewhere Admin.

  • Root cause: After upgrading to the latest Angular version, Identify has now used a component called angularx-qrcode, which requires an update to the content policy of 'connect-src' in the Safewhere Admin's web.config.

• Issue #108802: Console error message Content-Security-Policy: The page's settings blocked the loading of a resource at blob:https://identifydomain/b64245cd-1152-4813-9893-4fa926da9014 ("child-src"). my-profile is logged when using the System setup page.

  • Root cause: The "blob:" for child-src in the Content-Security-Policy is missing in the Safewhere Admin's web.config.

Our testing shows that these errors, which are logged in the browser's console, do not affect the Admin portal at all. If you want to fix them, you can follow the following steps to apply new Safewhere Admin portal's security settings in version 5.17 during the Tenant upgrade wizard.

• Select Customize Safewhere Admin's security settings in the Tenant upgrade wizard.

• Choose Use default settings and click OK to apply the latest security update.

• Select "Next" to continue the instance upgrade.

If you have already upgraded your Identify tenant to latest version, you can use the Reconfigure feature in the Identify Configurator and then select the Change security settings option.

If you are using customized security settings, you will need to merge changes of the new default settings to yours.