Menu
The Content-Security-Policy directive 'child-src' is implemented behind a flag which is currently disabled.
This the error showing when I am trying to build a cordova app .
I am using the meta for overcoming it
<meta http-equiv="Content-Security-Policy" content="default-src 'self' 'unsafe-eval' data: blob: filesystem: ws: gap: cdvfile: https://ssl.gstatic.com *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; child-src *;" />
479
asked Jan 21 '26 17:01
It's coming from here and because the name of the method is reportUnsupportedDirective() my guess would be that the directive is parsed as such but as the error indicates some flag must be switched to really activate it.
What I think is the most likely case: it is detected but not implemented yet. At least this method over here does not mention my particular case that I face right now: worker-src.
The only call I found so far is from this piece of code.
Everything above reverse-engineered, so take it with a grain of salt.
119
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
