Content Security Policy (CSP) 是一种加固 Web 应用的安全性的技术,通过在网站页面中设置 CSP Header 来限制页面中能够执行的脚本、样式、图片等资源。CSP 包...
参考1:https://blog.csdn.net/qq_30436011/article/details/127485927
为什么我们需要CSP?
参考2:https://blog.csdn.net/wzj_110/article/details/130189659
参考3:https://www.cnblogs.com/xkxf/p/15553510.html
Refused to load the stylesheet, because it violates the following Content Security Policy derective: "style-src 'none-fEYlwpqxM-LNHEkTNBWi_jDN'".Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
>>Jenkins没有css样式问题:
>>jetty跨域:https://www.coder.work/article/67117
>>nginx设置csp:一次性解决It violates the following Content Security Policy directive: ‘iframe-src'.. - 掘金 (juejin.cn)
Add the following configuration changes to httpd.conf:
Header always set Content-Security-Policy "default-src 'self';";