Hello so I have a web server on heroku and I’m trying to talk to the EBS from an uploaded extension but despite including the required Content-Security-Policy properties I keep getting an error upon sending a GET request:
Refused to connect to 'http://stalker-twitch-integration.herokuapp.com/U30463352/0/0/11001/1' because it violates the following Content Security Policy directive: "connect-src https: wss:".
When I’m doing the same by just opening the extension from my personal PC the request gets sent succesfully.
Any ideas what could be causing it ? This is my current meta tag:
<meta http-equiv="Content-Security-Policy" content="default-src *; style-src 'self' http://* 'unsafe-inline' 'unsafe-eval'; script-src 'self' http://* 'unsafe-inline' 'unsafe-eval';" />
I have tried adding the
connect-src https: wss: too but then it doesn’t even work locally.