Here is a reroll of the patch #2
We ran into this issue in combination with 🐛 media_library_opener leads to massive GET requests that break varnish etc. Active while opening the media library and navigating through the pages
The error occurred because our nginx servers didn't accept long url's with a long CSP header. We could have adjusted the nginx configuration but not sending a CSP header in response to AJAX requests seems to be a better solution.
I've used a filename that was not websafe. My bad. I can't delete my previous comment. here is the patch with the commit hash as filename.
This patch contains the current state of the merge request. See "Patches from drupal.org merge request URLs are dangerous?" for more information.
This patch contains the current state of the merge request. See "Patches from drupal.org merge request URLs are dangerous?" for more information.