Violates the following Content Security Policy directive

javascript html google-chrome content-security-policy
41,496

I am not sure why you are using an "*". I am using a similar kind of stuff, but my meta tag looks something like this and it works fine for me:

<meta http-equiv="Content-Security-Policy" content="default-src 'none'; connect-src 'self';font-src 'self'; img-src 'self' data: https:; style-src 'self' ; script-src 'self'">

Share:
41,496
Hari9513
Author by

Hari9513

Updated on July 18, 2022

Comments

  • Hari9513
    Hari9513 almost 2 years

    When I upload an image into my web application, it is showing the below error

    Refused to load the image ' <URL> because it violates the following Content Security Policy directive: "default-src * data: 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

    I try to solve this error by using the following code

      <meta http-equiv="Content-Security-Policy" content="default-src *; img-src * 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; style-src 'self' 'unsafe-inline' *">
  <meta charset="utf-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge">

    But it is not working. How can I fix this problem?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Moving div above another using Javascript/JQuery?
Javascript onclick in radio button does not work in Chrome
Chrome Extension “Refused to load the script because it violates the following Content Security Policy directive”
stop Chrome's click and hold / drag image default behavior
How to fill out a textfield within a form on a webpage from a chrome extension?
Making Fixed floating element scrolling smoothly in Firefox and Chrome
Speech recognition not working in chrome
Does a *.example.com for a content security policy header also match example.com?
background.html vs. background.js - chrome extension
How to tell Chrome to clear cache and cookies from a website?