Security Policy Does Not Work

Asked 2 years ago, Updated 2 years ago, 64 views

In my previous question, I wanted to use the cdvfile protocol, and I solved it myself once, but when I tried to use it on Android, I got another error.

As shown in the example in Monaca:
<meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap:cdvfile:https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *">

If you specify this,

The source list for Content Security Policy directive 'default-src'
contains an invalid source: 'gap:cdvfile:https://ssl.gstatic.com'. It
will be ignored.

This error occurs.

Next, I tried to erase the space as in the previous solution.

<meta http-equiv="Content-Security-Policy" content="default-src'self'data:gap:cdvfile:https://ssl.gstatic.com'unsafe-eval';style-src'self'''unsafe-inline';media-src*">

The following error occurred and could no longer be recognized:

Unrecognized Content-Security-Policy directive 'default-src'self'.

I've looked into various things, but I can't solve them, so please help me if you know more.

javascript monaca angularjs

2022-09-29 21:20

1 Answer

You are probably using this page of Monaca's documentation as a reference.
The following part of the document is incorrect:

Wrong: gap:cdvfile:https://ssl.gstatic.com
Correct: gap: cdvfile: https://ssl.gstatic.com

For Content Security Policy, please refer to this page.
Briefly, you specify a source-list for the default-src directive.
This source-list has the following format:

  • URI in http format
  • Specific keywords (for example, 'none'/'self'/'unsafe-inline')
  • Data format (for example, data:/blob:/filesystem:)

The error states that gap:cdvfile:https://ssl.gstatic.com contained in the default-src directive is incorrect.
In other words, the string gap:cdvfile:https://ssl.gstatic.com is incorrect in the format specified in source-list.

As mentioned earlier, specifying gap:, cdvfile: and https://ssl.gstatic.com individually will eliminate the error.

Supplemental

The second error is also as stated in the error.
Content Security Policy has the default-src directive, but no default-src'self' directive.


2022-09-29 21:20
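
The two errors above can be reproduced offline with a small linter. This is an added example, not part of the original answer and not Monaca or Cordova code; the function names, the directive and keyword subsets, and the three sample policies are assumptions constructed for illustration.

```javascript
// Added example: lint a CSP string for the two mistakes discussed above.
// DIRECTIVES and KEYWORDS are a chosen subset, not the full CSP grammar.
const DIRECTIVES = new Set(['default-src', 'script-src', 'style-src', 'img-src',
  'media-src', 'connect-src', 'font-src', 'frame-src', 'object-src']);
const KEYWORDS = new Set(["'self'", "'none'", "'unsafe-inline'", "'unsafe-eval'"]);
const SCHEME_SOURCE = /^[a-z][a-z0-9+.-]*:$/i; // data:  gap:  cdvfile:
// [scheme://]host[:port][/path], for example https://ssl.gstatic.com
const HOST_SOURCE = /^(?:[a-z][a-z0-9+.-]*:\/\/)?(?:\*|(?:\*\.)?[a-z0-9-]+(?:\.[a-z0-9-]+)*)(?::(?:\d+|\*))?(?:\/\S*)?$/i;

function isValidSource(token) {
  return token === '*' || KEYWORDS.has(token.toLowerCase()) ||
    SCHEME_SOURCE.test(token) || HOST_SOURCE.test(token);
}

function lintCsp(policy) {
  const findings = [];
  for (const raw of policy.split(';')) {          // directives are ';'-separated
    const tokens = raw.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const [name, ...sources] = tokens;            // sources are space-separated
    if (!DIRECTIVES.has(name.toLowerCase())) {
      findings.push({ type: 'unrecognized-directive', value: name });
      continue;
    }
    for (const source of sources) {
      if (!isValidSource(source)) {
        findings.push({ type: 'invalid-source', directive: name, value: source });
      }
    }
  }
  return findings;
}

// Constructed inputs modelled on the policies in the question.
const GLUED = "default-src 'self' data: gap:cdvfile:https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *";
const SEPARATED = "default-src 'self' data: gap: cdvfile: https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *";
const NO_SPACE = "default-src'self' data: gap: cdvfile: https://ssl.gstatic.com";

for (const policy of [GLUED, SEPARATED, NO_SPACE]) {
  console.log(JSON.stringify(lintCsp(policy)));
}
```
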
