On 9/17/2020 3:27 PM, Jason Long wrote:
Hello,
When I added "Header set Content-Security-Policy "default-src 'self';"" to
"httpd.conf" then my website style and some graphical features are disable.
Why?
Thank you.
Use your browser's developer tools (usually F12) to view your console
errors and warnings. The console will tell you what content your CSP
might be blocking.
Until you have your CSP set properly you can use a report only CSP
header to report what's getting blocked without actually blocking it.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
Jim
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
