I’m getting reports that say our CSP policy is blocking domains it looks like it shouldn’t.
blocked-uri: https://uploads.....
effective-directive: img-src
original-policy: img-src 'self' https: blob: data:;
Why is the policy blocking the blocked-uri
?
I have a few different domains that seem like they should be allowed, but aren’t.
You need to sign in to view this answers