问题
When I Upload a Image into my web APP, it showing below error
Refused to load the image '
<URL>because it violates the following Content Security Policy directive: "default-src * data: 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
I try to solve this error by using following code
<meta http-equiv="Content-Security-Policy" content="default-src *; img-src * 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; style-src 'self' 'unsafe-inline' *">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
but it is not working, could any one please help in this regard
回答1:
Not sure why you are using an "*", i am using similar kind of stuff but my meta tag looks something like this and it works fine for me.
<meta http-equiv="Content-Security-Policy" content="default-src 'none'; connect-src 'self';font-src 'self'; img-src 'self' data: https:; style-src 'self' ; script-src 'self'">Hope this helps
来源:https://stackoverflow.com/questions/53369507/violates-the-following-content-security-policy-directive