Reputation: 957
CSP warning firebug
Im developing a game with JavaScript and canvas. And recently since i implemented clicks i have been receiving this message in firebug:
CSP WARN: allow directive is deprecated, use the equivalent default-source directive instead
Its not affecting the game at all, but i was wondering what it meant? and could it affect my game eventually?
I found this online, but i can't make any sense of it, and im not totally sure if its talking about the same message that im receiving
Thanks
Upvotes: 3
Views: 1522
Answers (2)
Reputation: 3086
That is old syntax for CSP. You don't say: "allow 'self'" anymore. You say:
Content-Security-Policy: default-src 'self'
Upvotes: 1
Reputation: 688
CSP is Content Security Policy, these are HTTP headers that can for example restrict JavaScript execution in the browser. The warning points out a non-critical problem with the policy.
To look at the headers you could use curl -I on your server. The "Content-Security-Policy", "X-Content-Security-Policy" and "X-WebKit-CSP" fields are relevant.
Since you don't know about CSP I assume you are not administrating the web server, you might want to talk to the person in charge.
Upvotes: 1
Related Questions
- how to add Content Security Policy (CSP)
- Content security policy including a script
- Content Security Policy: resource blocked but CSP is configured to allow it
- CSP issue in firefox
- Whats wrong with my CSP? Content Security Policy (CSP) implemented unsafely
- jQuery 3.1.1 violation of CSP directive
- Why does Firefox always give a warning with CSP: default-src 'self'?
- Strange CSP error in Firefox
- Catching Content Security Policy (CSP) errors
- JavaScript issue (CSP warn) in Firefox OS simulator