Web SDK SSL error

Hello, I’m using the local example Web SDK 1.7.8 provided at https://github.com/zoom/sample-app-web/tree/master

It worked 2 days ago, but today some zoom addresses are not accessible and show the error Failed to load resource: net :: ERR_CERT_COMMON_NAME_INVALID
as attached image. Could you please help me?

hey @adrianogaspar

I can confirm this also happens on my end when using the web sdk 1.7.8 - in a deployed environment

attached below is the network trace, as an effect of trying to request:

Hey @adrianogaspar, @grahaampeterson,

This issue should be fixed now. Please let me know if you are still seeing issues. :slight_smile:


hi Tommy, thanks for the update.

Although we’ve noticed we’re only seeing certificate errors occasionally, we’re now noticing the Web SDK seems to be loading images via data: link example
which in turns triggers a content security policy issue on our end as we’re not allowing this.

Can you confirm?
Thank you

Hey @grahaampeterson,

Please provide exact steps to reproduce the issue. I am not seeing this when testing.


Hi Tommy, sorry for late reply.

This issue can only be reproduced on a deployed environment (ie not locally) where specific Content Security Policy rules are in place.

In this specific instance, we’re restricting the ability for the front end application to render images via data: as this exposes security concerns.

As per W3 recommendation it is strongly advised not to load images that way as it leaves it vulnerable to perform XSS type of attacks.

I wanted to check with you whether the Zoom SDK will carry on loading images that way knowing there are still some security exploits left or if you believe this can be addressed in a near future?

Thanks in advance

Hey @grahaampeterson,

Thanks for the additional info. I have asked our Web SDK engineering team to look into this. (CS-1997)

I will get back to you with an update.