Sign in Register
Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • chaitanya 4 posts 74 karma points
    Jul 10, 2022 @ 19:00
    chaitanya
    0

    blob

    The Content-Security-Policy directive name 'Content-Security-Policy:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.

    I am getting this error.

    I have mentioned directive like this below.

    <add name="Content-Security-Policy" value="default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *;"/>
    Copy Link
  • Lindow 154 posts 1301 karma points
    Jul 10, 2022 @ 19:16
    Lindow
    0

    Hi there

    Try this tool https://csp-evaluator.withgoogle.com/

    Copy Link
  • Huw Reddick 1932 posts 6722 karma points MVP 2x c-trib
    Jul 10, 2022 @ 20:39
    Huw Reddick
    0

    The CSP is a http header or html meta tag, it doesn't go in your web config settings

    Copy Link
  • Lindow 154 posts 1301 karma points
    Jul 10, 2022 @ 20:43
    Lindow
    0

    Yes, it does, Huw.

    In v8 you can add it to your web.config under the <customHeaders> tag.

    Copy Link
  • Huw Reddick 1932 posts 6722 karma points MVP 2x c-trib
    Jul 11, 2022 @ 06:17
    Huw Reddick
    100

    My bad, I misread an thought they were adding to app settings.

    The issue is most likely the colon : after blob.

    It's not really an umbraco issue.

    Copy Link
  • Lindow 154 posts 1301 karma points
    Jul 11, 2022 @ 07:42
    Lindow
    0

    Yeah, I thought about that colon too :)

    Copy Link

  • This forum is in read-only mode while we transition to the new forum.

    You can continue this topic on the new forum by tapping the "Continue discussion" link below.

Please Sign in or register to post replies