![]() Next we need to use a font-src directive to allow the actual font-face source file. Note that 'style-src-elem' was not explicitly set, so 'default-src' is used as a fallback. Refused to load the stylesheet '' because it violates the following Content Security Policy directive: "default-src 'self'". Without such a policy, we would get an error in our browser, for example: ![]() Your policy might look like this: style-src ![]() In order for Content-Security-Policy to even load this CSS file, you will need to add to your style-src directive. Google fonts is typically served via a link tag, you might load a stylesheet such as: You're going to need to specify at least two CSP directives, the style-src and the font-src directive. Find out what directives are needed to use google fonts with a content security policy (CSP)?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |