Content security policy and default-src
Hello, I'm currently using
here is my code:
I did google about what CSP is, from what I've understood it's a response header that is include for security purpose like preventing XSS attacks by preventing malicious scripts from being loaded in our websites from external resrouce (please feel free to add anything if I'm missing important points).
Now from what I've seen on google, they were suggesting to modify
So was wondering how should I proceed to overcome this error pls, I don't really understand why I'm getting this in the first place because everything is still local on my machine .
expressindex.htmlcannot get \Refused to connect to http://localhost:8080/ because it violates the following Content Security Policy directive (connect-src)here is my code:
I did google about what CSP is, from what I've understood it's a response header that is include for security purpose like preventing XSS attacks by preventing malicious scripts from being loaded in our websites from external resrouce (please feel free to add anything if I'm missing important points).
Now from what I've seen on google, they were suggesting to modify
helmethelmetSo was wondering how should I proceed to overcome this error pls, I don't really understand why I'm getting this in the first place because everything is still local on my machine .
A friendly place for developers to meet other devs, ask questions, get help, and just have a good time 🙂.
36,263Members
Resources
Similar Threads
Was this page helpful?
