Font Content Security Policy directive with Forge Custom UI

I am developing a plugin with Forge (Custom UI).
I imported a third-party UI library.
I see the error below:

hasRelativeStackingContext.js:22 Refused to load the font 'data:font/ttf;base64,AA*************
because it violates the following Content Security Policy directive: "font-src 'self'".

I added the meta tag in the header of the file “index.html” but it is still not working.

<meta http-equiv="Content-Security-Policy" content="font-src 'self' data:; img-src 'self' data:; default-src 'self'">

Hi @MARINAHDAVILA

You may want to take a look at this page: https://developer.atlassian.com/platform/forge/add-content-security-and-egress-controls/

You could try adding permissions content policy that way.

Kind regards

Hi @linklefebvre
I checked, but it is only for CSS and scripts. It doesn't have a permission for fonts.

Hi @MARINAHDAVILA, how did you fix the font-src issue? I got the same issue today.

Hi @MARINAHDAVILA and @YY1,

how did you fix the font-src issue?

Not yet. There is limited documentation or guidance to direct me, so I gave up.

Any updates on this issue? I can set up external CSPs for fonts but it still doesn’t work for data: URLs.

I’ve found a solution by allowing all external fonts. Just add it to your manifest.yml:

permissions:
  external:
    fonts:
      - '*'

Hi @AndreiPisklenov ,

Unfortunately, * doesn’t work for base64 encoded fonts.

Refused to load the font 'data:application/x-font-ttf;charset=utf-8;base64,............' because it violates the following Content Security Policy directive: "font-src 'self'".

I haven’t checked it, but something like “unsafe-inline” for “fonts” could assist:

permissions:
  content:
    fonts:
      - unsafe-inline

or

permissions:
  content:
    styles:
      - 'unsafe-inline'

It is the second one. I already had permissions/content/styles/unsafe-inline, but unfortunately it doesn’t work. base64 encoded fonts are not supported. I would really appreciate it if you could add your votes to [FRGE-578] Support for base64 encoded fonts - Ecosystem Jira (atlassian.net).
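
Added example, not part of the thread and not Atlassian's code: the policy in the error is "font-src 'self'", so one build-time workaround is to decode the base64 fonts embedded in the third-party CSS into real files and rewrite the CSS to reference them. It assumes the static files in the Custom UI bundle are served from the app's own origin (so they match 'self'); `externalizeDataFonts` and the `fonts/` directory are hypothetical names.

```javascript
// Added example: move data: URI fonts out of CSS so they load under font-src 'self'.
// externalizeDataFonts and the fontDir default are hypothetical, not Forge APIs.

const EXT_BY_MIME = {
  'font/ttf': 'ttf',
  'application/x-font-ttf': 'ttf',
  'font/otf': 'otf',
  'font/woff': 'woff',
  'application/font-woff': 'woff',
  'font/woff2': 'woff2',
};

// Matches url(data:<mime>[;param=value...];base64,<payload>) with optional quotes.
const DATA_FONT_URL =
  /url\(\s*(['"]?)data:([a-z0-9.+\/-]+)((?:;[a-z0-9-]+=[^;,]+)*);base64,([A-Za-z0-9+\/=]+)\1\s*\)/gi;

// Returns the rewritten CSS plus a Map of relative path -> decoded font bytes.
// The caller writes each file relative to the stylesheet's own location.
function externalizeDataFonts(css, fontDir = 'fonts') {
  const files = new Map();
  const byPayload = new Map(); // identical embedded fonts share one file
  const rewritten = css.replace(DATA_FONT_URL, (match, _q, mime, _params, b64) => {
    const ext = EXT_BY_MIME[mime.toLowerCase()];
    if (!ext) return match; // e.g. data:image/png stays inline (img-src decides that)
    let path = byPayload.get(b64);
    if (!path) {
      path = `${fontDir}/embedded-${files.size + 1}.${ext}`;
      files.set(path, Buffer.from(b64, 'base64'));
      byPayload.set(b64, path);
    }
    return `url('${path}')`;
  });
  return { css: rewritten, files };
}

// Constructed sample: the payloads are placeholder bytes, not real fonts.
const sampleCss = `
@font-face { font-family: "A"; src: url('data:font/ttf;base64,AAECAwQ=') format('truetype'); }
@font-face { font-family: "B"; src: url(data:application/x-font-ttf;charset=utf-8;base64,AAECAwQ=); }
.logo { background: url(data:image/png;base64,iVBORw0KGgo=); }
`;
const result = externalizeDataFonts(sampleCss);
console.log(result.css);
console.log([...result.files.keys()]);
```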