I am using the js plugin that adds inside itself SVG images. I have added CSP policy to my website, but I can’t configure it to allow plugin’s code. Its code looks like: I am looking for a configuration that allows SVG image that is rendered in the object. I am tried different options from there &…
Tag: content-security-policy
Whitelisting inline script with csp sha-256 in firefox
I can not get whitelisting by checksum to work in firefox (52.0.2, windows). Firefox supports content security policy version 2 according to caniuse, so checksumming should be supported. When chrome blocks an inline script, it prints the needed sha-256 to console. Adding it to the csp rules successfully white…
Content Security Policy not allowing form submission
Please I need assistance here. I have a form to submit to another url but when I try to submit it, it refuses to submit and I was checking my console. On Chrome, I see the following errors resources2.aspx?HCCID=75694719&culture=en-US&mlcv=3006&template=5:7 Refused to load the image ‘https://…
Refused to load the script because it violates the following Content Security Policy directive
When I tried to deploy my app onto devices with Android system above 5.0.0 (Lollipop), I kept getting these kind of error messages: 07-03 18:39:21.621: D/SystemWebChromeClient(9132): file:///android_asset/www/index.html: Line 0 : Refused to load the script ‘http://xxxxx’ because it violates the fo…