[openstreetmap/openstreetmap-website] CSP directive blocks access to Overpass server (#1993)
mmd
notifications at github.com
Thu Sep 13 12:19:51 UTC 2018
Chrome 69 refuses to access Overpass API due to:
https://github.com/openstreetmap/openstreetmap-website/blob/1285bcbd712044720c15e2de2e6bacaf4b0b0a92/app/controllers/application_controller.rb#L416
Error message:
Refused to connect to 'https://lz4.overpass-api.de/api/interpreter' because it violates the following Content Security Policy directive: "connect-src 'self' piwik.openstreetmap.org nominatim.openstreetmap.org overpass-api.de router.project-osrm.org graphhopper.com".
-> lz4.overpass-api.de and z.overpass-api.de need to be added here, as overpass-api.de is just an alias for two production servers.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/1993
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20180913/1d5ccd4e/attachment.html>
More information about the rails-dev
mailing list