I wrote a server on node + express. Prepared the page for rendering, wrote scripts in JS using Jquery. But Jquery can’t load the page for some reason. This is a constant case, before I wrote the ToDo application on WebSockets and I had the same error. What is the problem and how to solve it? Help please.
Refused to load the script ‘https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js’ because it violates the following Content Security Policy directive: “script-src ‘self'”. Note that ‘script-src-elem’ was not explicitly set, so ‘script-src’ is used as a fallback.
I tried adding different meta tags from other sources, but it didn’t help.
This is one of the better error messages in that it’s fairly specific: You’ve set the Content Security Policy for the page to
script-src: 'self'. The
self means that only sources that are the same origin as the document itself are valid.
You can fix this in one of three ways:
Content-Security-Policyheader being returned with the page to not include
script-src: self, or
https://cdnjs.cloudflare.comas as valid source (the list is space-separated), like this:
Content-Security-Policy: 'self' https://cdnjs.cloudflare.com
Use a local copy of jQuery served from the same origin as the page