Issue metadata
Sign in to add a comment
|
Refused to apply inline style because it violates the following Content Security Policy directive:
Reported by
wan.he...@gmail.com,
Sep 5
|
||||||||||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 Steps to reproduce the problem: 1. I Had many SHA hash to bypass inline style at my website https://karangploso.jatim.bmkg.go.id/ and I had my SHA hash at style-src complete at my apache header and my meta tag http-equiv, but why i got error at console at google chrome browser version Version 69.0.3497.81 (Official Build) (64-bit) and the newest chrome bowser for android ? and that sugesstion from chrome console was found at my header and my meta tag, and google chrome browser cannot apply inline style with exisiting SHA hash header and meta tag http-equiv at style-src the problem didnt show up at Vivaldi version 1.15.1147.64 console and Google Chome Browser Version Version 68.0.3440.106 (Official Build) (64-bit) What is the expected behavior? please give me advised What went wrong? chrome console reproduce error apply inline style for SHA hash at style-src Did this work before? N/A Chrome version: 69.0.3497.81 Channel: stable OS Version: 10.0 Flash Version: https://securityheaders.com/?q=https%3A%2F%2Fkarangploso.jatim.bmkg.go.id%2F&followRedirects=on https://csp-evaluator.withgoogle.com/
,
Dec 13
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||
Comment 1 by mpdenton@google.com
, Sep 5