-2

I am getting this error

index-cc3a9b6f.js:65 Refused to create a worker from 'http://localhost:3000/docs/reconstatus/serviceworker.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval'". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.

But I have this meta tag in my main html page

  <meta http-equiv="Content-Security-Policy"
    content="default-src 'self' * data: 'unsafe-eval' 'unsafe-inline'; connect-src *; img-src http://localhost:* data:; font-src file: http://localhost:*; worker-src 'self' blob:; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'" />

How can I fix this?

Thanks

omega
  • 40,311
  • 81
  • 251
  • 474

1 Answers1

0

Most likely you have another policy as the directive in the error message doesn't match the policy in meta. Check your response headers for other policies. All content needs to pass all policies, so adding another policy in meta can only make it stricter. You need to identify how the other policy is set and modify/remove it.

Halvor Sakshaug
  • 2,583
  • 1
  • 6
  • 9