Refused to connect to 'wss://abc.cn:8083/' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
上面这是浏览器控制台报错
后端响应头是
content-security-policy:
default-src 'self' data: blob: *.test.com; img-src * data: blob: *.test.com; media-src * data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' kfuu.cn *.abc.com; style-src 'self' 'unsafe-inline' *.abc.com; connect-src * wss://abc.cn:8083/; object-src 'none'
求大佬指导
相似问题