Select to view content in your preferred language

CSP img-src issue

229
1
04-28-2023 06:55 AM
ErikHennig
New Contributor

Hi there

I am using API v4.25 and want to optimize the Content Security Policy headers.

In the img-src directive I currently use data: attribute. Our security team told us to remove this attribute. After that, the map still works but I get the following error in the console:

ErikHennig_0-1682689946045.png

What is this SVG image used for? Is there a way to remove the error without having the data: attribute included in img-src?

Thanks in advance.

 

0 Kudos
1 Reply
ErikHennig
New Contributor

Hi there

Is there any update on this? The issue is still there in v4.28.

I also get errors when I remove blob: entry from worker-src directive but the map itself still works:ErikHennig_0-1715870133820.png

 

 

0 Kudos