Multiple JS error due to content-security-policy
11 views
Skip to first unread message
Krunal Jariwala
Mar 31, 2020, 8:20:07 AM3/31/20
to ngx-pagespeed-discuss
With pagespeed module on nginx, we get multiple js related error causing imp site feature to fail. Check
http://prntscr.com/rq4i77
http://prntscr.com/rq4i77
Content Security Policy: The page’s settings blocked the loading of a resource at data:text/javascript,window.pagespeed.ps… (“script-src”). js_defer.I4cHjq6EEP.js:9:506
Current content-security-policy set in header is : content-security-policy: default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
We get the related error on Chrome as well: http://prntscr.com/rq4ksg
js_defer.I4cHjq6EEP.js:9 Refused to load the script 'data:text/javascript,window.pagespeed.psatemp%3D0%3B' because it violates the following Content Security Policy directive: "script-src * 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
I am not sure, how to fix this. Can you pls advise.
Reply all
Reply to author
Forward
0 new messages