Support » Plugin: GD Security Headers » The Content-Security-Policy directive name s.w.org contains one or more invali

  • Resolved advertino

    (@advertino)


    I can’t seem to solve this problem in any way:

    The Content-Security-Policy directive name ‘s.w.org’ contains one or more invalid characters. Only ASCII alphanumeric characters or dashes ‘-‘ are allowed in directive names.

    But this directive is not specified anywhere. Is it possible that there is a bug in the plugin?

    log1
    log2

    • This topic was modified 5 months, 1 week ago by advertino.
Viewing 1 replies (of 1 total)
  • Plugin Author Milan Petrovic

    (@gdragon)

    In general, I can’t help you with the setup of the rules. Why something gets reported or not, depends on how you set up the rules, and I can’t analyze or test that for everyone using the plugin. There are plenty of resources on the internet with CSP information on how to set up rules.

    From the screenshot, you have set it wrong: you don’t need to specify img-src or script-src for each rule, only what the actual rule is, my plugin adds property src attributes. That’s why the rules are wrong in your case.

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.