Content Security Policy violation errors following local development setup when attempting to start dev #1202
Comments
|
@iamgollum Have you enable CORS on your local CouchDB? |
|
@popojargo sounds like the Readme needs to be updated... let me check ... would not have thought to enable CORS on the couch side of things...following this: https://docs.couchdb.org/en/1.3.0/cors.html |
|
@popojargo after many attempts to https://github.com/pouchdb/add-cors-to-couchdb I think this should be mentioned in the Readme? What do you think? |
|
You can probably add a note or a FAQ in the CONTRIBUTING.md file :) Also, you can normally enable CORS in the Fauxton UI (under Config > CORS) |
|
@Poltergeist the config link was broken for me :( - maybe I did something wrong. Ill submit a PR tomorrow for the readme. ill tag it under this issue - cool? |
I have been following the guide(s) -
readme.mdand read the guide on contributing. When I executenpm run devwith couchdb up 'n running in docker and thesettings.jsonmodified accordingly, I get a Content Security violation inChrome Version 75.0.3770.100 (Official Build) (64-bit)on the latestMac Book Proas of this writing:default-src 'self'should work for same-origin when applying host:"http:https://localhost:5984"I was playing around with https://csp-evaluator.withgoogle.com/ using the
defaultHeaderValueindevserver.jsbut to no avail. (On an unrelated note, Google is saying you can restrictobject src to 'none'.. new issue?This is blocking me from completing local development setup and it would be my pleasure to contribute and fix some UI issues I found.
The text was updated successfully, but these errors were encountered: