mikesamuel / attack-review-testbed

Make it easy to probe the strengths and weaknesses of a hardened Node.js stack

Home Page: https://github.com/nodejs/security-wg/issues/409

CSP violation when localhost:8080/ opened in a new tab.

mikesamuel opened this issue

<!DOCTYPE html><html><head><title>Attack Review Testbed</title>
<script src="/common.js" nonce="P9E3UxUuYH03CVGlyLifyUipP9x5+P5nqesNsA2/k9A="></script>
<link rel="stylesheet" href="/styles.css" nonce="P9E3UxUuYH03CVGlyLifyUipP9x5+P5nqesNsA2/k9A=">

and the report

Serving from localhost:8080 at /Users/msamuel/work/attack-review-testbed
Database seeded with test data
GET /
POST /client-error
Client-error from <unknown>: {"csp-report":{"document-uri":"http://localhost:8080/","referrer":"","violated-directive":"style-src","effective-directive":"style-src",
"original-policy":"default-src 'nonce-P9E3UxUuYH03CVGlyLifyUipP9x5+P5nqesNsA2/k9A='; img-src 'self'; form-action 'self'; connect-src 'self'; report-uri /client-error","disposition":"enforce",
"blocked-uri":"http://localhost:8080/styles.css","status-code":200,"script-sample":""}}
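Added example, not part of the original issue or the testbed's own code: a small Node.js helper for triaging a report like the one logged above. It resolves which directive governed the blocked load and which source expressions could have allowed it; for this report, `style-src` is absent from the policy, so `default-src` applies, and since that directive lists only a nonce, the same-origin `styles.css` is not covered by `'self'`. The function names (`parsePolicy`, `governingDirective`, `triage`) are hypothetical, and the fallback chain is simplified as noted in the comments.

```javascript
// Parse a policy string into a Map of directive name -> source expressions.
function parsePolicy(policy) {
  const directives = new Map();
  for (const part of policy.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/);
    // A repeated directive is ignored by browsers, so the first one wins.
    if (name && !directives.has(name.toLowerCase())) {
      directives.set(name.toLowerCase(), sources);
    }
  }
  return directives;
}

// Simplified fallback: X-src-elem / X-src-attr -> X-src -> default-src.
// (worker-src, frame-src and child-src have longer chains not modelled here.)
function governingDirective(policy, effective) {
  const base = effective.replace(/-(elem|attr)$/, '');
  const chain = base.endsWith('-src') ? [effective, base, 'default-src'] : [effective];
  return chain.find((d) => policy.has(d)) || null;
}

// Summarise which directive applied and what could have allowed the load.
function triage(report) {
  const r = report['csp-report'];
  const policy = parsePolicy(r['original-policy']);
  const governing = governingDirective(policy, r['effective-directive']);
  const sources = governing ? policy.get(governing) : [];
  let sameOrigin = false;
  try { // blocked-uri may be a keyword such as "inline" rather than a URL
    sameOrigin = new URL(r['blocked-uri']).origin === new URL(r['document-uri']).origin;
  } catch (e) { /* not a URL: leave sameOrigin false */ }
  const nonces = sources.filter((s) => /^'nonce-.+'$/.test(s)).map((s) => s.slice(7, -1));
  return { governing, sameOrigin, nonces,
    allowedBySelf: sameOrigin && sources.includes("'self'"),
    nonceOnly: sources.length > 0 && nonces.length === sources.length };
}

// Report fields copied from the server log in this issue.
const NONCE = 'P9E3UxUuYH03CVGlyLifyUipP9x5+P5nqesNsA2/k9A=';
const sampleReport = { 'csp-report': {
  'document-uri': 'http://localhost:8080/',
  'effective-directive': 'style-src',
  'original-policy': `default-src 'nonce-${NONCE}'; img-src 'self'; ` +
    "form-action 'self'; connect-src 'self'; report-uri /client-error",
  'blocked-uri': 'http://localhost:8080/styles.css',
} };

console.log(triage(sampleReport));
```

A result with `nonceOnly: true` and `allowedBySelf: false` means the load depends entirely on the element carrying a nonce that matches the one in the policy header for that response.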