Revision history [back]

click to hide/show revision 1
initial version

asked 2021-03-23 14:55:32 +0800

wastemails gravatar image wastemails

zk-springboot-with-security-Error in CSP Header

The following is aded in Spring Security Configuration http .headers() .contentSecurityPolicy("image-src 'self'; default-src 'none'; script-src 'self'; style-src 'self'").reportOnly()

Added the following in zul file.

Getting error as Invalid characters (CR/LF) in header Content-Security-Policy-Report-Only

zk-springboot-with-security-Error in CSP Header

The following is aded in Spring Security Configuration http .headers() .contentSecurityPolicy("image-src 'self'; default-src 'none'; script-src 'self'; style-src 'self'").reportOnly()

Added the following in zul file.

<?header name="Content-Security-Policy-Report-Only"
        value="default-src 'none';
        script-src 'self' 'unsafe-inline' 'unsafe-eval';
        frame-src 'self';
        connect-src 'self' ws://your.server.name:8080/;
        img-src 'self';
        style-src 'self' 'unsafe-inline';
        font-src 'self'" ?>

Getting error as Invalid characters (CR/LF) in header Content-Security-Policy-Report-Only

zk-springboot-with-security-Error in CSP Header

The following is aded in Spring Security Configuration

http
  .headers()
  .contentSecurityPolicy("image-src 'self'; default-src 'none'; script-src 'self'; style-src 'self'").reportOnly()

'self'").reportOnly()

Added the following in zul file.

<?header name="Content-Security-Policy-Report-Only"
        value="default-src 'none';
        script-src 'self' 'unsafe-inline' 'unsafe-eval';
        frame-src 'self';
        connect-src 'self' ws://your.server.name:8080/;
        img-src 'self';
        style-src 'self' 'unsafe-inline';
        font-src 'self'" ?>

Getting error as Invalid characters (CR/LF) in header Content-Security-Policy-Report-Only

Support Options
  • Email Support
  • Training
  • Consulting
  • Outsourcing
Learn More