Reputation: 3
problem in Content Security Policy for external scripts
i want access to this scripts:
<script src="https://js.stripe.com/v3/"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/axios.min.js"></script>
<script src="https://api.mapbox.com/mapbox-gl-js/v2.1.1/mapbox-gl.js"> </script>
and this stylesheet:
<link rel="stylesheet" href="https://api.mapbox.com/mapbox-gl-js/v2.1.1/mapbox-gl.css">
but i have some kind errors like this:
Refused to load the script 'https://js.stripe.com/v3/' because it violates the following Content Security Policy directive: "script-src https://cdnjs.cloudflare.com https://api.mapbox.com 'self' blob:". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
i use meta tag to access all websites with all assets, but doesn't work:
<meta http-equiv="Content-Security-Policy" content="default-src https:">
Upvotes: 0
Views: 1278
Answers (1)
Reputation: 67
when I changed the version of my axios it worked for me on that version it is not working. so go to src of your axios file and change it to another version.
Upvotes: 0
Related Questions
- Html Error: Refused to load the script because it violates the following Content Security Policy directive
- Refused to execute inline script because it violates the following Content Security Policy directive
- Content Security Policy violation on external Js Script
- Content security policy including a script
- Refused to load scripts because it violates the following Content Security Policy directive
- Refused to execute inline script for Redocly
- Refused to load inline script
- CSP and inline scripts getting blocked
- Loading script and manifest violates Content Security Policy directives
- Inline script violates Content Security Policy