Questions tagged [csp]

Use the tag content-security-policy instead

CSP questions have been answered with the "content-security-policy" tag for years and should be asked there instead.

60 questions
0 votes, 1 answer

Error when loading images, Image violating Content Security Policy directive: "img-src 'self' data:"

I am trying to load images from in my react component but I am getting this error Refused to load the image 'blob:https://canister_id.icp0.io/76684b08-27e4-4c3f-b260-16847c3b7df6' because it violates the following Content Security Policy directive:…
Enoch
0 votes, 1 answer

Can a nonce be used for multiple scripts or not?

Background: A year or so ago, my company implemented CSP across all of our digital tools. Every digital tool was an express.js + react application. We generate two nonces (number only used once), one for each chunk generated by webpack (app &…
Vayne Valerius
0 votes, 0 answers

Using Cloudflare Rocket Loader with 'strict-dynamic' CSP

I'm trying to use Cloudflare's Rocket Loader and various other services (like email obfuscation) with 'strict-dynamic' in my CSP. I'm running into an issue where, since 'strict-dynamic' is present, none of Cloudflare's services can run. I looked at the…
dev
0 votes, 0 answers

CSP and X-Frame options headers issue in WordPress site

I have scanned my site using OWASP ZAP and got some CSP issues. I have added those headers in the .htaccess. Also, I used an HTTP headers plugin for the header, but it still displays a missing X-Frame options header when I check it in any online tool.…
0 votes, 0 answers

How to set CSP (Content-Security-Policy) in .htaccess

If I set the CSP, my website won't load. I am trying to avoid unsafe-inline/-eval. I use the following file structure: .htaccess index.php markup.html scripts/main.js scripts/jquery.js styles/style.css and some other images and text files for…
Wima
0 votes, 1 answer

How to use aframe.js with Content Security Policy on WebServer

For security reasons, Content Security Policy is mandatory on our Internet Information Server. For this purpose, a response header was stored in IIS as follows, which must not be changed: Name: Content Security Policy Value: default-src 'none';…
0 votes, 0 answers

Azure CSP Integration with Indirect Provider using client and secret

We would like to integrate the Azure CSP Indirect Provider into our portal using client and secret and get the list of customers using the REST API. I need help here on how to get this feature implemented. Thanks
rajub
0 votes, 0 answers

KeyError in python constraint in a csp scheduler problem

I need to build a CSP scheduler that, given a set of students with name, competence, disponibility and a set of tasks with name, competence_required, duration, prints (or better, shows in a graph) what task a student has to do. I'm at the beginning of…
0 votes, 0 answers

Content security policy - Angular js application (Style-src, script-src - without 'unsafe-eval', 'unsafe-inline')

Can someone help me with whether we can add Content Security Policy style-src, script-src without 'unsafe-inline' to AngularJS applications? I tried to apply CSP, but it is throwing errors for the JS libraries. I tried ng-csp in AngularJS, it is not…
0 votes, 0 answers

How to use python-constraint correctly

I tried the python-constraint library to solve a CSP problem, but I don't understand why I got 2048 solutions with a dataframe of 4 records. My dataframe represents a set of distances from the closest elements to fountains in parks, and I use CSP to…
Adil Blanco
0 votes, 0 answers

Refused to execute inline script because it violates CSP

I'm working on a Chrome extension that grabs data from a page, then sends a JSON to my server (opening a new tab and posting data to it) to display a summary. The problem is that chrome.scripting.executeScript won't execute on my newly opened…
Zied Hamdi
-1 votes, 0 answers

PDF is not shown correctly only showing the base64 (using CSP)

We use the following code to show a PDF in the browser (here Chrome is used): Response.AddHeader("Content-Disposition", "inline"); var file = GetDocument(document.Path); return File(file?.Content,…
-1 votes, 1 answer

How to generate and use random value for nonce in inline script in javascript

I am trying to generate random values for nonce, but the generated value doesn't show in the nonce attributes. My generated code: It is giving an error: getRandomValues is not a function. const nonce = Crypto.getRandomValues(new…
-2 votes, 1 answer

How to fix the worker-src CSP in html pages?

I am getting this error index-cc3a9b6f.js:65 Refused to create a worker from 'http://localhost:3000/docs/reconstatus/serviceworker.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval'".…
omega