问题
Here is my meta tag :
<meta http-equiv="Content-Security-Policy" content="default-src * 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'; style-src http://* 'self' 'unsafe-inline'; media-src *">
I am using this meta tag to call server's socket.io.js file on port like :
<script src="https://example.co:3344/socket.io/socket.io.js"></script>
This is for WebRTC (rtcmulticonnection), so my stream event triggered and stream create a media :
rtcMultiConnection.onstream = function(event) {
if (event.stream.getVideoTracks().length) {
$('.users-container').append(event.mediaElement);
}
}
And error occures :
Refused to load media from 'blob:http://localhost:8000/74677955-8811-43d0-bf30-2362208364d7' because it violates the following Content Security Policy directive: "media-src *".
It works in Mozilla Firefox, but not work in Android, Chrome Browser and IOS.
EDIT
AndroidManifest permissions :
<uses-permission android:name="android.permission.CAMERA" />
<uses-permission android:name="android.permission.MICROPHONE" />
<uses-permission android:name="android.permission.MODIFY_AUDIO_SETTINGS" />
<uses-permission android:name="android.permission.RECORD_AUDIO" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
I could not see android error.
回答1:
Try 'media-src blob:' in your meta tag as well as the wildcard:
<meta http-equiv="Content-Security-Policy" content="default-src * 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'; style-src http://* 'self' 'unsafe-inline'; media-src * blob:">
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/media-src
来源:https://stackoverflow.com/questions/46069143/cordova-content-security-policy-directive-media-src