Refused to load the image 'blob:...' because it violates the following Content Security Policy

html mapbox content-security-policy
Raz picture Raz · Dec 26, 2019 · Viewed 7.9k times · Source

I got this error:

Refused to load the image 'blob:file:///cf368042-bf23-42b6-b07c-54189d3b0e01' because it violates the following Content Security Policy directive: "default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

While trying to load a mapboxGL map. This is my CSP tag:

<meta http-equiv="Content-Security-Policy" 
    content="
      worker-src blob:; 
      child-src blob: gap:;
      default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:">

Answer

Raz picture Raz · Dec 26, 2019

Found it! This is the fix for either image and base64.

Need to add img-src 'self' blob: data:; As follow:

<meta http-equiv="Content-Security-Policy" 
    content="
      worker-src blob:; 
      child-src blob: gap:;
      img-src 'self' blob: data:;
      default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:">

Related questions

How can I use a custom created mapbox style along with leaflet

I can't find any examples for how to use custom created map-styles. On the mapbox page I created a style for a map. How can I use this style with leaflet? For example: var map = L.map('map', { center: [43.64701, -79.39425], …

Read More
How to create an HTML button that acts like a link?

I would like to create an HTML button that acts like a link. So, when you click the button, it redirects to a page. I would like it to be as accessible as possible. I would also like it so …

Read More
How do I check whether a checkbox is checked in jQuery?

I need to check the checked property of a checkbox and perform an action based on the checked property using jQuery. For example, if the age checkbox is checked, then I need to show a textbox to enter age, else …

Read More