Magento Asked by Kay Int Veen on November 13, 2021
I was really annoyed by the lack of documentation around the following console errors showing up.
[Report Only] Refused to create a worker from 'blob:https://domain.com/535c516f-8a3a-4d17-b0c0-a207e461f42c' because it violates the following Content Security Policy directive: "worker-src ".
Nowhere I found any information on how to solve it. There is documentation on the content security policy and although its report only its no harm but still irritating.
So after some trial and error, I just solved it.
I personally always have a custom baseconfig
module in app/code/ so for example /app/code/sitename/baseconfig
where i force set certain settings in core_config. so ideal for this kind of stuff. in the etc folder of that module, I added a file called csp_whitelist.xml
which is also very clearly documented on Magento devdocs: https://devdocs.magento.com/guides/v2.3/extension-dev-guide/security/content-security-policies.html
In that file i added the following
<?xml version="1.0"?>
<csp_whitelist xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Csp/etc/csp_whitelist.xsd">
<policies>
<policy id="worker-src">
<values>
<value id="worker-blob" type="host">blob:</value>
</values>
</policy>
</policies>
</csp_whitelist>
Answered by Kay Int Veen on November 13, 2021
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP