0👍
I have the same problem, too.
Hope that my solution will help.
First, remove 'unsafe-inline' and run your applications
You may get some errors from console on the web.
For example:
Refused to apply inline style because it violates the following
Content Security Policy directive: "style-src ‘self’
https://fonts.googleapis.com
‘sha256-aqNNdDLnnrDOnTNdkJpYlAxKVJtLt9CtFLklmInuUAE=’". Either the
‘unsafe-inline’ keyword, a hash
(‘sha256-aqNNdDLnnrDOnTNdkJpYlAxKVJtLt9CtFLklmInuUAE=’), or a nonce
(‘nonce-…’) is required to enable inline execution.
Second, copy the text 'sha256-aqNNdDLnnrDOnTNdkJpYlAxKVJtLt9CtFLklmInuUAE=' and put in Content-Security-Policy after script-src or style-src
For example:
default-src ‘none’; font-src ‘self’ data:; img-src ‘self’; script-src
‘self’ ‘sha256-aqNNdDLnnrDOnTNdkJpYlAxKVJtLt9CtFLklmInuUAE=’; style-src ‘self’
‘sha256-aqNNdDLnnrDOnTNdkJpYlAxKVJtLt9CtFLklmInuUAE=’; object-src
‘self’; connect-src ‘self’
And this may solve your problem.
By the way, you may encounter the problem like this :
Sha hash not respected in CSP style-src
You can add ‘unsafe-hashes’ after script-src or style-src to solve it.
- [Vuejs]-How can I show data names field in vue-multiselect plugin in edit page?
- [Vuejs]-Vue.js Child Component not Updating Data in Parent Component