I have the problem that I get CSP errors in the browser console and the content is not loaded properly although a CSP is set that allows the subdomain through which I make the call.
I added the following line to the end of httpd.conf and restarted the webserver.
Header set Content-Security-Policy “default-src ‘self’; connect-src https:/mydomain; script-src ‘self’ https:/mydomain; img-src ‘self’ https:/mydomain; style-src ‘self’; frame-ancestors ‘self’; frame-src ‘self’;”
only one / is set after https: so the forum lets me post it.
Chrome console output:
What am I doing wrong?
If more information is needed, please tell me.
I have screenshots of the response headers if needed.
I may attach only one screenshot for this post as a new user.