Note that 'connect-src' was not explicitly set?
Refused to connect to 'wss://abc.cn:8083/' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
上面这是浏览器控制台报错
后端响应头是
content-security-policy:
default-src 'self' data: blob: *.test.com; img-src * data: blob: *.test.com; media-src * data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' kfuu.cn *.abc.com; style-src 'self' 'unsafe-inline' *.abc.com; connect-src * wss://abc.cn:8083/; object-src 'none'
求大佬指导
回答
和开发者交流更多问题细节吧,去 写回答
相关文章
相似问题
相关问答用户
请输入您想邀请的人