ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

CABI Summary Dashboard not working in chrome


Article ID: 144678


Updated On:


DX Unified Infrastructure Management (Nimsoft / UIM)


Dashboards and reports open normally when launched in Internet Explorer. However, when launching them in Chrome (Operator Console says it only works in Chrome) all you receive is a spinning wheel.

When using the Web Browser's Dev Tools (F12) we see the following errors:
Refused to load the script '' because it violates the following Content Security Policy directive: "script-src 'self' https: * * * * * 'unsafe-eval' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.


The UMP does not set a Content-Security-Policy in the script source. In this instance the customer environment had a Security Appliance that was inserting a Content-Security-Policy and setting the script-src which causes problems in Chrome and FireFox.


Release : 9.2.0

Component : UIMCBI


Add the following to the included headers page to set the Content-Security-Policy on the UMP server


    // Content-Security-Policy
    //  Summary: Content Security Policy informs the client about the sources from which the application expects to load
    //           resources
    //  Info:
    response.setHeader("Content-Security-Policy", "script-src 'self' https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:;");