If we execute docker compose up locally and create new credentials, the password is not blurred anymore. This is because of a CSP-Error (Content Security Policy) which blocks the the request which gets the font to blur out the password.

The CSP-Error can be viewed in the network console of the browser. The failing request is: http://localhost:4200/text-security-disc.woff2.

To finish this story we need to include localhost:4200 in the our content security policy to be able to fetch the fonts from it.

File which could help you:

• content_security_policy.rb