Loading image SVG and getting Content Security Policy (CSP) error
Question
I'm trying to load SVG images and get a CSP error as follows:
I keep getting the error event when I added the meta tag:
<meta http-equiv="Content-Security-Policy" content="default-src *;img-src * 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; style-src 'self' 'unsafe-inline' *" >
1 answers
solution1
0 2021-04-28 19:56:39
The error that you can see tells you that the img-src was not set and it fallbacks to default-src even though that you have added meta tag with your CSP values.
This behaviour can be observed when the CSP header is already set via HTTP . You have to choose whether to set it via HTTP or as meta tag.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Add unpkg to Content Security Policy (CSP)
How does Content Security Policy (CSP) work?
What might reasons be of having a Content Security Policy error when a CSP is not even specified?
How to add CSP header (Content-Security-Policy) to vuejs app?
Dynamic CSP (Content Security Policy) connect-src in Angular
How to add Content Security Policy (CSP) in yii2 for smartsupp chat?
How to get past CSP (Content Security Policy) by allowing everything?
Error: Content Security Policy: The page’s settings blocked the loading of a resource
A error occurred when loading a Gif "Refused to load the image because it violates the following Content Security Policy directive: "default-src 'none
Getting content security policy error after deploying react/express app
Related Tags