Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

CSP: $ is not defined error when PF, Springboot, Joinfaces

See original GitHub issue

Describe the bug

I’m getting error in the console: $ is not defined.

Reproducer

It is plain PrimeFaces & Springboot project (attached):

Java EE 11
PrimeFaces 11.0.0
SpringBoot 2.7.1
JoinFaces 4.7.1
MyFaces 2.3.10

When CSP is disabled, browser console is without any error. When CSP is enabled in application.yaml, error is thrown.

Work around can be adding jquery to the page:

<h:head>
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
</h:head>

Build the app and run as SpringBoot by: java -jar primefaces-spring-0.0.1-SNAPSHOT.jar Served on: http://localhost:8080

primefaces-spring.zip

Note: I tried to test this setup also with PF master-SNAPSHOT, but then apps is not even runnable - getting during start:

2022-07-08 11:56:31.188 ERROR 13000 --- [           main] o.a.m.webapp.AbstractFacesInitializer    : An error occured while initializing MyFaces: null

java.lang.NullPointerException: null
        at io.github.classgraph.ClassGraphClassLoader.findClass(ClassGraphClassLoader.java:143) ~[classgraph-4.8.147.jar!/:4.8.147]

Expected behavior

No error in the console.

PrimeFaces edition

Community

PrimeFaces version

11.0.0

Theme

Saga

JSF implementation

MyFaces

JSF version

2.3

Browser(s)

No response

Issue Analytics

State:
Created a year ago
Comments:10 (6 by maintainers)

Top GitHub Comments

1reaction

mellowarecommented, Jul 8, 2022

You could have also just done this instead of including an invisible component…

<h:outputScript library="primefaces" name="jquery/jquery.js" target="head" />

That is what I think @jepsar meant.

1reaction

sasynkamilcommented, Jul 8, 2022

@melloware Thank you - adding some pf component (styled as display: none is working correctly.

@jepsar I mentioned adding jQuery as workaround in the ticket.

Top Results From Across the Web

Support for Primefaces 8? · Issue #796 · joinfaces ... - GitHub

Hi. I see you have released 4.3.0 m2 where you have added primefaces-extensions 8 and Spring Boot 2.3. Does this mean that Joinfaces...

1. About the Documentation - JoinFaces Reference Guide

JoinFaces enables JSF usage inside Spring Boot Applications. If you're not familiar with Spring Boot, you should read its Getting Started guide first....

Error on integrating Primefaces with Springboot/JoinFaces

Other problem is that the xmlns:p="http://primefaces.org/ui" url taglib is not being recognized as you can see on the image. So when i run...

Content Security Policy with Spring Security - Baeldung

The Content Security Policy (CSP) is an HTTP response header that significantly reduces code-injection attacks like XSS, Clickjacking, etc., in ...

Content-Security-Policy Nonce with Spring Security

Yet, it's not mainstream yet, it's syntax is hard, it's rather prohibitive and tools rarely ... So first, you define a CSP nonce...