Hi!
We are struggling with content-security-policy realm setting not allowing us to put anything above 255 chars in there. This is obviously very low for a non-default CSP, and should be considered an architectural error on the Keycloak side.
The following error is thrown when we try to go above 255 chars:
**Error!** javax.persistence.PersistenceException: org.hibernate.exception.DataException: could not execute statement
My assumption is, it is happening because the database entry for CSP has value of type varchar(255).
Is there a way to patch/workaround this without consequences?
That’s correct. There is a size limit on that DB field which is causing the exception. We ran into the same thing. However, it is possible to put the CSP in the body of the HTML:
Yes and no. For security reasons, the meta tag can only make the policy more strict, not to relax the policy defined in the headers. So you will have to set the header CSP in the Admin UI to the minimum you want, and then add additional policy restrictions in the meta tag.