Folks, I have a little issue here:
I have a domain and a sub-domain, here you can see how I have it in the Nginx part
server {
large_client_header_buffers 1 1K;
listen 80;
server_name http://ift.tt/1IAfK1F just4bettors.mobi;
root /home/c0pt/capilleira/capilleiraclickandgamblemobile/www;
location / {
index index.html index.htm;
...
}
add_header Content-Security-Policy
"default-src 'self' http://ift.tt/1G0hIbQ;
connect-src http://ift.tt/1NjT7kH
http://ift.tt/1G0hIbQ
http://ift.tt/1IAfK1F
http://ift.tt/1G0hIbV";
}
and this is the part for the sub-domain:
server {
listen 80;
server_name http://ift.tt/1E6mx4j desktop.just4bettors.mobi;
root /home/c0pt/capilleira/capilleiraclickandgambleweb/dist;
location / {
index index.html index.htm;
...
}
add_header Content-Security-Policy add_header
"default-src 'self' http://ift.tt/1IAfK1F;
connect-src http://ift.tt/1NjT7kH
http://ift.tt/1G0hIbQ
http://ift.tt/1IAfK1F
http://ift.tt/1G0hIbV
http://ift.tt/1NjT8oW
http://ift.tt/1E6mx4j";
}
this part of the errors I am getting in the console
Refused to connect to 'http://ift.tt/1G0hL7C' because it violates the following Content Security Policy directive: "connect-src http://ift.tt/1NjT7kH http://ift.tt/1G0hIbQ http://
the error messages actually comes only when I try to connect to http://ift.tt/1E6mx4j but if I put http://ift.tt/1IAfK1F everything works properly, so the issue I have seems to be in the sub-domain part, and MY GUESS here is that I doing something wrong in the Content-Security-Policy, so, what are your suggestions ?
Aucun commentaire:
Enregistrer un commentaire