Investigate violations of Content-Security-Policy

Question

Investigate violations of Content-Security-Policy

martinmo opened this issue 4 years ago · 1 comments

On Windows 10 and Firefox 85, there seems to be a violation of the CSP wrt data: which is shown in the developer console. On macOS with Firefox 85 I cannot reproduce this issue, it might be something related to fonts.

Answer 1 · 2021-02-17T15:16:53.000Z

Further investigation has shown that some browser extension (e.g. Grammarly) tries to load fonts from fonts.gstatic.com which is forbidden by our CSP. This is intentional. Thus, I'm closing this issue.