[Error] because it violates the following Content Security Policy directive
In the process of HTML development, we encountered the following error, which means the permission problem of HTML meta setting
Refused to connect to 'blob:http://localhost:8080/6d57f07f-3c2f-49ca-be30-fd0b7f4cff6e'
because it violates the following Content Security Policy directive:
"default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content: ".
Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
Specifically, this bug appears when using vue-html2pdf.
The screenshot is as follows
the last time I encountered a similar problem was when I used the video tag.
These are similar problems
You need to open the source code of the HTML page (for example, index.html ), modify the meta in the head section
<meta http-equiv="Content-Security-Policy" content="default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content: https://ssl.gstatic.com;
media-src * blob: 'self' http://* 'unsafe-inline' 'unsafe-eval';
style-src * 'self' 'unsafe-inline';
img-src * 'self' data: content:;
connect-src * blob:;">
The example is divided into multiple lines and can be modified according to your own needs. For example, IMG SRC allows * and other types of resources.
Connect SRC allows * blob: and other types of resources. Note that * does not contain the blob: type. If it is not declared, blob: may be wrong
reference material
Used to connect to XXX – because it violates the following content security policy
Cordova rejected to connect to xxxxx - white list refuses to send network requests
meta tag official website: https://developer.mozilla.org/zh-CN/docs/Web/HTML/Element/meta
Content security policy website: https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Headers/Content-Security-Policy__ by_ cnvoid
Read More:
- It is invalid to submit the content directly after pasting it on the mobile terminal of Vue HTML5 editor
- Cmake[Warning]:Policy CMP0054 is not set
- MYSQL:ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
- ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
- Linux (error 1819 (HY000): your password does not satisfy the current policy requirements)
- Dubbo SPI custom equalization policy error
- nginx: [emerg] unknown directive “proxy_pass“
- Failed to load SELinux policy. Freezing due to modification of SELinux by centos7
- Chrome setting — Disable web security to solve cross domain problems
- Solutions to “an error occurred while processing this directive”
- After introducing security, the service cannot be registered with Eureka
- Solution to prompt “system group policy forbids installation of this device” in win10 system
- How to solve the problem of “blocked loading mixed active content” in Firefox
- Content rendering error: a solution to the problem of zero Download document cannot be opened
- A method of collecting JS dynamic content by PHP
- You set the variable “no_check_targets“ here and it was unused before it went out of scope.
- When a system is deployed on weblogic12.2.1.3, it reports an error “IllegalStateException zip file closed”. When it is deployed on weblogic12.2.1.2, it does not report an error and can be accessed normally.
- Centos 7.2 failed to load SELinux policy freezing
- It will appear as soon as it is turned on BTServer.exe -Application error (0xc0150002)
- “ XX.app ”It is damaged and cannot be opened. You should move it to the wastebasket.