In my tour.pug main head file this:
extends base
include _reviewCard
block append head
script(src="https://api.mapbox.com/mapbox-gl-js/v2.6.1/mapbox-gl.js")
link(href='https://api.mapbox.com/mapbox-gl-js/v2.6.1/mapbox-gl.css' rel='stylesheet')
script(src='https://js.stripe.com/v3/')
In my stripe.js file:
const stripe = Stripe('pk_test_something...')
When I load I get error:
Refused to load the script ‘https://js.stripe.com/v3/’ because it
violates the following Content Security Policy directive: “script-src
https://cdnjs.cloudflare.com https://api.mapbox.com ‘self’ blob:”.
Note that ‘script-src-elem’ was not explicitly set, so ‘script-src’ is
used as a fallback.
After this I get mapbox error too:
Refused to connect to ‘ws://localhost:50364/’ because it violates the
following Content Security Policy directive: “default-src ‘self’
https://*.mapbox.com”. Note that ‘connect-src’ was not explicitly set,
so ‘default-src’ is used as a fallback.
I didnt understand what mean these errors and how to fix these issues. Thanks