Skip to content

“style-src ‘self’”. Either the ‘unsafe-inline’ keyword, a hash

I have a webpage hosted on jenkins server.

I saw that in the latest jenkins update there was

So I have read this fantastic post on how to bypass this restriction

I have added this <meta> to my page

but i keep on getting console errors:

Refused to apply inline style because it violates the following Content Security Policy directive: “style-src ‘self’“. Either the ‘unsafe-inline’ keyword, a hash (‘sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=’), or a nonce (‘nonce-…’) is required to enable inline execution.

<title>Bidi: unknown bl version vs. 1.0.487</title>
<meta content="text/html; charset=utf-8 ;" http-equiv="content-type">
<meta content="style-src 'self'" http-equiv="Content-Security-Policy"><meta content="script-src 'self'" http-equiv="Content-Security-Policy"><meta content="default-src 'self'" http-equiv="Content-Security-Policy"><link rel="stylesheet" href=""><link rel="stylesheet" href=""><script type="script" src=""></script><link rel="icon" href="/jenkins/view/QA/job/RoutingRegression/ws/src/main/resources/html_pages/images/favicon.png" type="image/gif" sizes="16x16"><link rel="stylesheet" href="/RoutingRegression/html_pages/css/delta_samples.css">

enter image description here



I think you should read this fantastic post I fully relaxed my Jenkins config by using

System.setProperty(“hudson.model.DirectoryBrowserSupport.CSP”, “”)

User contributions licensed under: CC BY-SA
2 People found this is helpful