0

i want access to this scripts:

<script src="https://js.stripe.com/v3/"></script>

<script src="https://cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/axios.min.js"></script>

<script src="https://api.mapbox.com/mapbox-gl-js/v2.1.1/mapbox-gl.js"> </script>

and this stylesheet:

<link rel="stylesheet" href="https://api.mapbox.com/mapbox-gl-js/v2.1.1/mapbox-gl.css">

but i have some kind errors like this:

Refused to load the script 'https://js.stripe.com/v3/' because it violates the following Content Security Policy directive: "script-src https://cdnjs.cloudflare.com https://api.mapbox.com 'self' blob:". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

i use meta tag to access all websites with all assets, but doesn't work:

<meta http-equiv="Content-Security-Policy" content="default-src https:">

Hadi
  • 1
  • 3
  • Since you observe a CSP violation: `Refused... "script-src https://cdnjs.cloudflare.com https://api.mapbox.com 'self' blob:"`, some CSP is already published (probably via HTTP header). Adding a second CSP via `` can't mitigate the first one. You have to figute out where the first CSP is issued and edit it - to add the `https://js.stripe.com` into `script-src https://cdnjs.cloudflare.com https://api.mapbox.com 'self' blob:`. – granty Jun 24 '21 at 08:36

1 Answers1

0

when I changed the version of my axios it worked for me on that version it is not working. so go to src of your axios file and change it to another version.

Sayeed Mahdi Mousavi
  • 37
  • 1
  • 7