Notifications
Clear all
Topic starter
After enable the content security policy in a magento site, you see below warnings/errors in the browser console. "[Report Only] Refused to load the script 'https://cdn.jquery.com/jquery.js' because it violates the following Content Security Policy directive: "script-src assets.adobedtm.com".
What could be the standard fix of this problem?
- A . Add etc/csp_whitelist.xml in a custom module and whitelist it under policy id=”script-src”
B. Add etc/csp_whitelist.xml in a custom module and whitelist it under policy id=”link-src”
C. Add etc/config.xml in a custom module and set report only to 1, to let the browser load all script urls without error.
D. Disable the module Magento_Csp to let the browser load all script urls without error.
Suggested Answer: A
Posted : 31/01/2023 4:32 am