Шукати в статтях підтримки

Остерігайтеся нападів зловмисників. Mozilla ніколи не просить вас зателефонувати, надіслати номер телефону у повідомленні або поділитися з кимось особистими даними. Будь ласка, повідомте про підозрілі дії за допомогою меню “Повідомити про зловживання”

Докладніше

Ця тема перенесена в архів. Якщо вам потрібна допомога, запитайте.

When having "Content Security Policy" active on my 2 websites, Firefox don't work, but my site work with all the other browsers, except firefox.

  • 2 відповіді
  • 2 мають цю проблему
  • 1 перегляд
  • Остання відповідь від dionbeukes

more options

I run a few websites, in the NGINX settings you can create a directive to include "Content Security Policy". When I have this active my site is working in all the other major browsers, Chrome, Chromium, Safari, Opera, Edge, but NOT in Firefox. When I test my sites on various pentest tools, like https://observatory.mozilla.org/ for example I get A+, A- & A respectively, but when I access my sites on Firefox they don't even load, its so quick, the server just drops the connection when I try to access it with Firefox, there is even nothing in the console to view with Firefox. When I go back to NGINX and comment out the Content Security Policy, all my sites work with Firefox, but that defeats the purpose because now I get F ratings on the pentest tools etc, I have looked at the Content Security Policy pages of Mozilla and its seems the latest version of firefox DO support Content Security Policy. Can you tell me which directives in the CSP does not work with Firefox and is there a workaround.

I run a few websites, in the NGINX settings you can create a directive to include "Content Security Policy". When I have this active my site is working in all the other major browsers, Chrome, Chromium, Safari, Opera, Edge, but NOT in Firefox. When I test my sites on various pentest tools, like https://observatory.mozilla.org/ for example I get A+, A- & A respectively, but when I access my sites on Firefox they don't even load, its so quick, the server just drops the connection when I try to access it with Firefox, there is even nothing in the console to view with Firefox. When I go back to NGINX and comment out the Content Security Policy, all my sites work with Firefox, but that defeats the purpose because now I get F ratings on the pentest tools etc, I have looked at the Content Security Policy pages of Mozilla and its seems the latest version of firefox DO support Content Security Policy. Can you tell me which directives in the CSP does not work with Firefox and is there a workaround.

Усі відповіді (2)

more options

Can you post a link to a publicly accessible page (i.e. no authentication or signing on required)?