最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客

javascript - Content Security Policy Wildcards? - Stack Overflow

programmeradmin0浏览0评论

I'm getting this content security policy error:

Refused to connect to ':6443/events/proto-raws' because it violates the following Content Security Policy directive: "connect-src [.....]

My content security policy rules for connect-src include:

"https://*.statscollector.sd-rtn:6443/*",

Am I not using wildcards correctly?

I'm getting this content security policy error:

Refused to connect to 'https://web-2.statscollector.sd-rtn.:6443/events/proto-raws' because it violates the following Content Security Policy directive: "connect-src [.....]

My content security policy rules for connect-src include:

"https://*.statscollector.sd-rtn.:6443/*",

Am I not using wildcards correctly?

Share Improve this question asked Sep 6, 2022 at 1:15 VikRVikR 5,1429 gold badges56 silver badges112 bronze badges 1
  • 2 Just try this https://*.statscollector.sd-rtn.:6443 as your content security rule – bhargava.prabu Commented Sep 6, 2022 at 1:47
Add a ment  | 

1 Answer 1

Reset to default 6

We just have to provide the domain and should not include the path of the domain.

Valid wildcard host names expressions include "*.google." and "*".

Invalid wildcard host name expressions include "www.*.", "*.google.*" and "google.*".

Reference for it:- https://wiki.mozilla/Security/CSP/Specification#Hostname_Wildcards

Just try to use like this https://*.statscollector.sd-rtn.:6443 as your content security rule

发布评论

评论列表(0)

  1. 暂无评论