Refused to load the stylesheet because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'"
Question
I m trying to load an external popup form created with a third-party tool. I keep getting this error about CSP violations. Thing is I can load them correctly locally and they are only blocked when I deploy them on my provider's server. I dont know where these policies are coming from since I havent defined anything in .htaccess file (PHP web app with codeigniter) I checked all the relevant answers but nothing worked for me.
Refused to load the script because it violates the following Content Security Policy directive
because it violates the following Content Security Policy directive: "style-src 'self'"
I also tried several versions of <meta http-equiv="Content-Security-Policy" but again no luck.
1 answers
solution1
0 2022-01-06 06:19:39
It needs to be fixed on the server side. Please update the policy on server.
solution2
-1 2019-05-01 12:31:40
您在元标记中缺少style-src。
<meta http-equiv="Content-Security-Policy" content="style-src 'self' https://domaingoeshere.com/css/fonts.css 'unsafe-inline' 'unsafe-eval'">
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.