Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
Y
Y
Yuri2017-05-14 16:16:14
JavaScript
Yuri, 2017-05-14 16:16:14

How to defeat Content-Security-Policy?

written for the page

Content-Security-Policy:default-src * 'self' 'unsafe-inline' data: http://*.tile.openstreetmap.org http://*.tile.openweathermap.org http://openweathermap.org http://api.openweathermap.org https://*.gstatic.com;

but all the same the request, though the others work. maybe because it's a JSONP request.
leaflet-openweathermap.js:846 Mixed Content: The page at ' https://example.com/map ' was loaded over HTTPS, but requested an insecure script ' http://api.openweathermap.org/data/2.5/box /city?AP... '. This request has been blocked; the content must be served over HTTPS.
api openweathermap https does not work. I would not want to engage in proxying through my script. Is there a way to defeat this crap?
(there are no cabinets and user input on the site, purely informational, so security is the least of my worries here)

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

0 answer(s)
Similar questions
A
Alexander2017-09-24 20:20:40
Is it possible to fully develop an ios application in React Native without a Mac? 5Reply
M
Mikhail Shatilov2017-09-25 04:18:19
How to make it easier to set up ubuntu for development? 2Reply
A
Analka2020-02-15 22:13:01
Cropper quality is lost? 1Reply
K
kirillantv2017-10-05 11:53:54
How to group messages by subject, sender and recipient? 3Reply
J
JyriG2020-02-22 22:12:02
Is the title tag duplicated on a WordPress site? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question