违反环境中的内容安全策略指令Ember Cli [英] Violating Content Security Policy directive in environment Ember Cli
问题描述
我已经建立了一个音乐播放器组件,其中包含了消费SoundCloud Api的音乐播放器组件。在Chrome中,我开始在我的控制台中收到此错误通知,随时播放一首歌曲我的应用程序加上歌曲没有播放。
查看错误
仅报告]拒绝连接到
所以我的问题是,我如何提供这些权限,以免违反
内容安全策略指令'connect-src'
?我现在还要采取什么其他行动?
再次,问题仅在于Chrome
为了更清楚地解决内容安全策略,并避免与更多子域进一步冲突,我建议将其更改为:
contentSecurityPolicy:{
pre>
'connect-src':'self'https://*.sndcdn.com,
},
I have a built a Music Player Component with ember consuming the SoundCloud Api
Suddenly in Chrome i start getting this error notification in my console anytime i play a song in my application plus the songs does not play.
See the error
Report Only] Refused to connect to 'https://ec-media.sndcdn.com/YEqcIen0Pkq6.128.mp3?f10880d39085a94a0418a7ef69…fe493d321fb2a6a96186dcb97beab08f3cea5ad8b42d543c3edc7371f0eb5b2b00ba96395e' because it violates the following Content Security Policy directive: "connect-src 'self' data: cf-media.sndcdn.com ws://localhost:35729 ws://0.0.0.0:35729 http://0.0.0.0:4200/csp-report".
It is complaining about the "connect-src 'self' data: cf-media.sndcdn.com ws://localhost:35729 ws://0.0.0.0:35729 http://0.0.0.0:4200/csp-report".*"
This is because after bit of research i have modified in
environment.js
the content security policy like thiscontentSecurityPolicy: { // 'connect-src': "'self' data: https://cf-media.sndcdn.com", 'connect-src': "'self' data: cf-media.sndcdn.com", },
Before my change the problem was the same and this was the console log error
So my question is, how can i give these permission in order to not violate the Content Security Policy directive for
'connect-src'
? What other action have i to take now?Again the problem is only in Chrome
解决方案To more clearly address the content security policy and avoid further conflicts with more subdomains, I suggest changing it to be:
contentSecurityPolicy: { 'connect-src': "'self' https://*.sndcdn.com", },
这篇关于违反环境中的内容安全策略指令Ember Cli的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!