Content-Security-Policy issue
-
Hi, when I use the content security policy header, the language switcher’s flag breaks down. Although I use “unsafe-inline” tag in most of the titles, I couldnt solve the issue. Also my own url is already added in “filesystems:” tag with wildcards (*.url.com/*)
This is how I use the header (I have seperated into lines to make it easier to view):
Header set Content-Security-Policy
default-src ‘self’ ‘unsafe-inline’ https: filesystem: related-urls-here
script-src ‘self’ ‘unsafe-inline’ https: filesystem: related-urls-here
style-src ‘self’ ‘unsafe-inline’ https: filesystem: related-urls-here
img-src ‘self’ ‘unsafe-inline’ https: filesystem: related-urls-here
connect-src ‘self’ ‘unsafe-inline’ https: filesystem: related-urls-here
font-src ‘self’ https: filesystem: related-urls-here
media-src ‘self’ https: filesystem: related-urls-here
child-src ‘self’ ‘unsafe-inline’ https: filesystem: related-urls-here
form-action ‘self’ https: filesystem: related-urls-here
frame-ancestors ‘self’ ‘unsafe-inline’ https: filesystem: related-urls-here
frame-src ‘self’ ‘unsafe-inline’ https: filesystem: related-urls-here
worker-src ‘self’ ‘unsafe-inline’ https: filesystem: related-urls-here
manifest-src ‘self’ https: filesystem: related-urls-here
navigate-to ‘self’ ‘unsafe-inline’ https: filesystem: related-urls-here
base-uri ‘self’ https: filesystem: related-urls-hereThanks.
The topic ‘Content-Security-Policy issue’ is closed to new replies.
