1 Reply Latest reply on Apr 13, 2017 11:31 AM by howard_owens

    content-security-policy preventing app update

    howard_owens Level 1

      Here's my tag

       

      <meta http-equiv="Content-Security-Policy" content="

          default-src 'self';

          script-src 'self' 'unsafe-inline';

          style-src 'self'  'unsafe-inline' maxcdn.bootstrapcdn.com fonts.gstatic.com data:

              fonts.googleapis.com data:;

          font-src maxcdn.bootstrapcdn.com fonts.googleapis.com data:

              fonts.gstatic.com data:;  />

       

      If I am online and this tag is in place, my app pulls content from localstorage instead of the live JSON object (the exact opposite of what should happen).  If I remove the tag, I can get the live JSON update.

       

      Why?