我正在从另一个网站加载资源,我看到了
ERR_BLOCKED_BY_CLIENT我试过了
@content_security_policy (case Mix.env() do
:prod ->
"default-src 'self';connect-src wss://#{@host};img-src 'self' blob:;" <>
"script-src 'https://targetsite.com';"
_ ->
"default-src 'self' 'unsafe-eval' 'unsafe-inline';" <>
"connect-src ws://#{@host}:*;" <>
"img-src 'self' blob: data:;" <>
"script-src 'https://targetsite.com';"
end)
然后
plug :put_secure_browser_headers, %{"content-security-policy" => @content_security_policy}使用Brave浏览器造成的