انقطاع جزئي للخدمةshare-external
Instant game Content Security Policy violation
1

i developed an instant game which works in local host as mentioned in docs of instant game, after i upload it in facebook web hosting, i am getting error regarding Content Security Policy(CSP) "Refused to load the script 'blob:https://apps-1093027728478608.apps.fbsbx.com/7194ec79-fbf6-4395-b293-4dd754e97316' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' *.facebook.com *.facebook.net cdn.mixpnl.com *.google-analytics.com web.localytics.com *.googletagmanager.com *.cloudfront.net *.amazonaws.com *.googleapis.com *.firebaseapp.com *.firebaseio.com *.8686c.com *.cncovs.com *.aliyun.com *.aliyuncs.com *.wsdvs.com *.console.re *.kunlunar.com *.windows.net *.msecnd.net *.anysdk.com cdn.babylonjs.com cdn.trackjs.com cdn.firebase.com *.kochava.com *.akamaized.net *.cocos.com *.playfab.com code.createjs.com *.zdassets.com websdk.appsflyer.com cdnjs.cloudflare.com www.gstatic.com *.azureedge.net *.ibytedtos.com *.bytepluscdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."

does anyone know how to solve it ?

Ravi
تم طرح السؤال منذ حوالي ‏٧‏ أشهر
Dzmitry

We experience the same issue with appId 565539167855337 for images from https://puzzlestore.ximad.com. How can override facebook`s CSP to grant downloading images from https://puzzlestore.ximad.com?

‏٢ مايو‏‏١١:١٢ م‏111
الإجابة المحددة
1

We experience the same issue too.

‏٦ مايو‏‏١٢:٥٣ ص‏111
陳南輝