Refused to connect to ‘blob:http://XXX’ because it violates the following Content Security Policy directive: "connect-src ‘self’

  angular10, docker, ubuntu, windows

I’m using "URL.createObjectURL(blob);" to pass this URL to my "src", to load xeokit viewer, it work’s correctly on windows locally, but if try with docker or ubuntu server it doesn’t work.

i’m also adding this to my index.html header

<meta http-equiv="Content-Security-Policy"
      content="
      worker-src blob:;
      child-src blob: gap:;
       style-src * self 'unsafe-inline' blob: data: gap:;
       script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:;
       object-src * 'self' blob: data: gap:;
       img-src * 'self' blob: data:;
       connect-src * blob: data: gap:;
       frame-src * self blob: data: gap:;
       default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:;">

but i still have the same error.

Source: Windows Questions

LEAVE A COMMENT