Skip to content Skip to sidebar Skip to footer

How To Use Content-security-policy With Localhost Files

I am getting the following error on my page: Refused to load the script 'http://127.0.0.1:35729/livereload.js' because it violates the following Content Security Policy directive:

Solution 1:

You can use localhost:, though I believe using 'self' (including the single quotes) would also suffice in this situation. There are some odd cases where * is not actually all-inclusive (blob: for example is also excluded from * I believe).

As always it's good to check out your CSP with Google's Evaluator first.

Post a Comment for "How To Use Content-security-policy With Localhost Files"