Content Security Policy “data” not working for base64 Images in Chrome 28

Question

In this simple example, I\'m trying to set a CSP header with the meta http-equiv header. I included a base64 image and I\'m trying to make Chrome load the image.

I t

Answer 1

According to the grammar in the CSP spec, you need to specify schemes as scheme:, not just scheme. So, you need to change the image source directive to:

img-src 'self' data:;