Menu
Feedback
Start here


Known issues
Restrict the default-src of the header Content Security Policy could break the Checkout
ID: 763359
Backlog
Published on 3/2/2023
Last update on 3/2/2023

Summary

Restricting the Content Security Policy header can cause checkout files not to be loaded. For example, the default-src 'self' configuration can cause files coming from vtex.com not to be loaded

Simulation

  1. Set default-src of the Content Security Policy

  2. try to buy something through checkout

  3. See the error on the console

    Content Security Policy: the page's settings blocked the loading of a resource at

Workaround

Remove the header

Contributors
2
Photo of the contributor
Photo of the contributor
+ 2 contributors
Contributors
2
Photo of the contributor
Photo of the contributor
+ 2 contributors
On this page
Still got questions?
Ask the community
Find solutions and share ideas in the VTEX community.
Join our community
Request support from VTEX
For personalized assistance, contact our experts.
Open a support ticket
GithubDeveloper portalCommunityFeedback