Content Security Policy violation problem in a fresh Ember app


Grettings, Ember-community

At the moment I’ve almost reached the “desperate” mood. 3 days ago I wanted to get started with Ember by creating a small prototype, but at one point I faced “a wall”. I don’t have developer-friends who worked with ember, I’ve googled for solutions and asked smart guys from StackOverflow as well.

I’ll explain my current situation I would be infinitely glad if someone would be able to suggest a solution.

My environment:

  • Mac, OS X (10.10.3)
  • ember -v: 0.2.3
  • node -v: 0.12.2
  • npm -v: 2.7.6

I installed ember-cli, created a new app, started the server:

$ npm install -g ember-cli

$ ember new my-app

$ cd my-app

$ ember server

Afterwards I visit the url http://localhost:4200/ and see Welcome to Ember.js.

The next step is to “try and change” this text. So I go to application.hbs and change the content of the file to:

Welcome to Ember.js, BRO


So I return to the browser, refresh the page and nothing has changed. No errors in browser’s console. Nevertheless in terminal I get messages like

Content Security Policy violation: {}

I tried to delete the CSP line from package.json - nothing. But anyway “Removing the check that’s warning you of vulnerabilities doesn’t count as fixing your vulnerabilities” ©

I have no clue what to try and where to search

Thank you in advance,



A fresh app should not have CSP warnings. Please test in an incognito window (without browser extensions). These warnings on a fresh app are often caused by chrome/Firefox extensions mis-behaving.


Nope, the content remains static and terminal produces those warnings:

Content Security Policy violation: {}

Content Security Policy violation: {}

Checked in:

  • Incognito mode in Chrome: 42.0.2311.90
  • Safari: 8.0.5


Some additional info:

I figured out that the problem is that the ember app does not “hear” the trigger, when a file has been changed. I don’t receive a

file changed templates/application.hbs

notification in the terminal. Something globally is blocking or interrupting the regular app run.

Still looking forward receiving your suggestions !


Update. Temporary fix found: Starting the server with

ember server --watcher=polling

Still searching for the answer what is blocking the events of the file system


Did you get anywhere with this?

After fixing all browser console errors for the security policies, I’m seeing the same in the ember server output: Content Security Policy violation: {}

Since it’s empty, is there anything to be concerned about?



I am also having similar issues.

$ ember --version
version: 1.13.1
node: 0.12.6
npm: 2.12.1

$ watchman --version

However ember server --watcher=polling did not seem to resolve anything for me, nor did the incognito window.

Any ideas?