I’m using the @googlemaps/js-api-loader library for maps in Atlassian Forge. When initializing the map and starting the app, I encounter the following error: Content-Security-
Policy directive ‘navigate-to’. Is there any way to bypass this issue? Here’s my manifest:
permissions:
content:
scripts:
- 'unsafe-inline'
- 'unsafe-hashes'
Hi @Yevhen1. Welcome to the developer community!
Is that your entire permissions section for this app? To get Google Maps to render, you may need more permission settings to load assets remotely (fonts, styles, scripts, images) and make remote connections to external services. Try out the following permissions section example in your dev environment to see if this helps unblock you.
permissions:
content:
scripts:
- 'unsafe-inline'
styles:
- 'unsafe-inline'
external:
fonts:
- 'https://fonts.gstatic.com'
styles:
- 'https://maps.googleapis.com'
- 'https://fonts.gstatic.com'
- 'https://forge.cdn.prod.atlassian-dev.net'
scripts:
- 'https://maps.googleapis.com'
images:
- 'https://maps.googleapis.com'
- 'https://maps.gstatic.com'
fetch:
client:
- 'https://maps.googleapis.com'
backend:
- 'https://maps.googleapis.com'