CouchCMS works great out of the box but when I tried to add Content Security Policy to the site it broke the admin panel.
The site itself works without any problems (even GoogleMaps which was a fight to get working with CSP) but the Admin Panel remains unusable.
If possible I would like to get CouchCMS working with CSP.
Here the CSP:
I added the unsafe-inline part because of CouchCMS which removed quite a bit of the errors but something else gets blocked by the CSP that makes the Admin Panel unusable.
Any idea how I could get it to work? Thanks in advance.
The site itself works without any problems (even GoogleMaps which was a fight to get working with CSP) but the Admin Panel remains unusable.
If possible I would like to get CouchCMS working with CSP.
Here the CSP:
- Code: Select all
Header set Content-Security-Policy: "default-src 'self' ajax.googleapis.com maxcdn.bootstrapcdn.com www.google-analytics.com maps.google.com maps.gstatic.com maps.googleapis.com mt1.googleapis.com mt.googleapis.com mt0.googleapis.com csi.gstatic.com khm0.googleapis.com khm1.googleapis.com fonts.googleapis.com fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com maxcdn.bootstrapcdn.com www.google-analytics.com maps.google.com maps.gstatic.com maps.googleapis.com mt1.googleapis.com mt.googleapis.com mt0.googleapis.com csi.gstatic.com khm0.googleapis.com khm1.googleapis.com fonts.googleapis.com fonts.gstatic.com"
I added the unsafe-inline part because of CouchCMS which removed quite a bit of the errors but something else gets blocked by the CSP that makes the Admin Panel unusable.
Any idea how I could get it to work? Thanks in advance.