Schedule a call with our team and discuss how can we, not only help you technically but help in increasing your ecommerce’s conversion rate.
I got a solution by removing all the content security warnings by creating a module and adding the csp_whitelist.xml in the etc folder of the module.
Step 1: Create a module.
Step 2: Add csp_whitelist.xml in the etc folder of the module and copy-paste the below code in that file.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 |
<?xml version="1.0"?> <csp_whitelist xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Csp/etc/csp_whitelist.xsd"> <policies> <policy id="script-src"> <values> <!--CDN--> <value id="cloudflare" type="host">*.cloudflare.com</value> <!--Google--> <value id="google-analytics" type="host">*.google-analytics.com</value> <value id="googlecom" type="host">*.google.com</value> <value id="googlein" type="host">*.google.co.in</value> <value id="gtmanager" type="host">*.googletagmanager.com</value> <value id="gstatic" type="host">*.gstatic.com</value> <!--Hotjar--> <value id="hotjar" type="host">*.hotjar.com</value> <!--Criteo--> <value id="criteo" type="host">*.criteo.com</value> <value id="criteonet" type="host">*.criteo.net</value> <!--Github--> <value id="github" type="host">*.github.io</value> </values> </policy> <policy id="style-src"> <values> <!--CDN--> <value id="cloudflare" type="host">*.cloudflare.com</value> <!--Design--> <value id="googlefont" type="host">fonts.googleapis.com</value> <value id="maxcdn" type="host">*.bootstrapcdn.com</value> </values> </policy> <policy id="img-src"> <values> <!--CDN--> <value id="cloudflare" type="host">*.cloudflare.com</value> <value id="klarna-base" type="host">https://cdn.klarna.com</value> <!--Payments--> <value id="paypal" type="host">*.paypal.com</value> <!--Video--> <value id="vimeocdn" type="host">*.vimeocdn.com</value> <value id="youtube-img" type="host">https://s.ytimg.com</value> <!--Google--> <value id="googlecom" type="host">*.google.com</value> <value id="googlein" type="host">*.google.co.in</value> <!--Data--> <value id="data" type="host">data:</value> </values> </policy> <policy id="connect-src"> <values> <!--Google--> <value id="google-analytics" type="host">*.google-analytics.com</value> <value id="gtmanager" type="host">*.googletagmanager.com</value> <!--CDN--> <value id="cloudflare" type="host">*.cloudflare.com</value> <!--Payments--> <value id="paypal" type="host">*.paypal.com</value> <!--Double Click--> <value id="doubleclick" type="host">*.doubleclick.net</value> </values> </policy> <policy id="frame-src"> <values> <!--Criteo--> <value id="criteo" type="host">*.criteo.com</value> <value id="criteonet" type="host">*.criteo.net</value> <!--Hotjar--> <value id="hotjar" type="host">*.hotjar.com</value> <!--Google--> <value id="googlecom" type="host">*.google.com</value> <value id="googlein" type="host">*.google.co.in</value> <!--Github--> <value id="github" type="host">*.github.io</value> </values> </policy> <policy id="font-src"> <values> <!--CDN--> <value id="cloudflare" type="host">*.cloudflare.com</value> <!--Design--> <value id="googlefont" type="host">fonts.googleapis.com</value> <value id="maxcdn" type="host">*.bootstrapcdn.com</value> </values> </policy> </policies> </csp_whitelist> |
Clean the cache and check the site again. Probably all the Content security warnings will be removed by adding the above file in your module.
I think It will cover most of the domain, but if you face any other content security warnings then you can add the domain in the csp_whitelist.xml file.
Hope this article will help you to fix Magento 2.3.5 content security warnings.
create the event.xml on your module under the Vendor/Module/etc/event.xml and...
If you need a custom meta tag for a specific...
Generally, if you load font as preload, it will load...
Step 1: First you need to add di.xml in the...
Override the vendor/magento/module-sales/view/frontend/templates/email/items/order/default.phtml file on your theme and add the...
