[openstreetmap/openstreetmap-website] Content Security Policy violations (#2155)

積丹尼 Dan Jacobson notifications at github.com
Sun Feb 24 22:13:37 UTC 2019

Use Developer tools (F12) visiting e.g., https://www.openstreetmap.org/#map=13/24.3577/120.9286
The page loads fine, but in the Console I see
In Firefox:
> Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). www.openstreetmap.org:1:1 

In chromium:
> Refused to load manifest from 'https://www.openstreetmap.org/assets/manifest-63908e2….json' because it violates the following Content Security Policy directive: "manifest-src 'none'".

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20190224/a895a088/attachment.html>

More information about the rails-dev mailing list