Help Resolving error: [Report Only] Refused to load the script

Mithrilhall · December 11, 2014, 7:56pm

I just created a new Ember-cli project and I keep getting two errors in Chrome’s console window.

[Report Only] Refused to load the script 'http://10.1.3.34:35729/livereload.js?snipver=1' because it violates the following Content Security Policy directive: "script-src 'self' 'localhost' 'unsafe-inline' 'unsafe-eval' localhost:35729".

and

[Report Only] Refused to connect to 'ws://10.1.3.34:35729/livereload' because it violates the following Content Security Policy directive: "connect-src 'self' 'localhost' ws://localhost:35729".

My contentSecurityPolicy in environment.js is:

contentSecurityPolicy: {
  'default-src': "'none' 'self'",
  'script-src': "'self' 'localhost' 'unsafe-inline' 'unsafe-eval'",
  'font-src': "'self'",
  'connect-src': "'self' 'localhost'",
  'style-src': "'self' 'unsafe-inline'",
}

smurgolo · December 12, 2014, 12:45pm

Hi! I believe you need to add the url 10.1.3.34 to your contentSecurityPolicy inside environment.js

i.e:

contentSecurityPolicy: { ‘default-src’: “‘none’ ‘self’”,
‘script-src’: “‘self’ ‘localhost’ ‘unsafe-inline’ ‘unsafe-eval’ 10.1.3.34:35729”, ‘font-src’: “‘self’”, ‘connect-src’: “‘self’ ‘localhost’”, ‘style-src’: “‘self’ ‘unsafe-inline’”, }

Take a look at this: Content-Security-Policy (CSP) Header Quick Reference

Topic		Replies	Views
GET https://app-name.local/livereload.js net::ERR_ABORTED 404 (Not Found) Ember CLI	1	2771	February 5, 2019
Ember content security policy error while following new emberjs guides?	2	2464	December 10, 2015
Security problems in upgrading ember application	2	1288	May 19, 2015
Content Security Policy violation problem in a fresh Ember app Ember CLI	10	4472	July 21, 2022
[FIXED] CSP output to stdout on startup and page refresh	5	2160	April 4, 2015

Help Resolving error: [Report Only] Refused to load the script

Related topics