I was configuring my Content-Security-Policy header in .htaccess for a Wordpress website, everything works perfectly except that I realized the checkboxes couldn't be checked anymore, I event tried the simplest :
Header set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'"
which doesn't work either, and of course commenting this line checkboxes works perfectly... here is the original line I tried :
Header set Content-Security-Policy "default-src 'self' *.paypal.com *.paypalobjects.com; script-src 'self' 'unsafe-inline' *.wp.com; style-src 'self' 'unsafe-inline' *.jquery.com; media-src 'self' *.issuu.com *.youtube.com *.vimeo.com *soundcloud.com *bandcamp.com; child-src 'self' *.issuu.com *.youtube.com *.vimeo.com *soundcloud.com *bandcamp.com; form-action 'self' 'unsafe-inline' 'unsafe-eval'"
thanks for any help !
Aucun commentaire:
Enregistrer un commentaire