Avatar for Username

Pesquisar no site de suporte

Evite golpes de suporte. Nunca pedimos que você ligue ou envie uma mensagem de texto para um número de telefone, ou compartilhe informações pessoais. Denuncie atividades suspeitas usando a opção “Denunciar abuso”.

Saiba mais

Esta discussão foi arquivada. Faça uma nova pergunta se precisa de ajuda.

Trouble with Content Security Policy (CSP)

  • 1 resposta
  • 3 têm este problema
  • 14 visualizações
  • Última resposta de guigs

staalux
staalux
more options

In the latest Firefox 33 there seem to be an issue with Content Security Policy (CSP) and how it handles url that are url encoded. For instance when some CSP directive is set to like https://mywebsite.com/application/do;jsessiond=1234 - it will get URL encoded so the ; gets replaced by %3B. In Firefox 32 and earlier this worked, but not in this new solution.

In the latest Firefox 33 there seem to be an issue with Content Security Policy (CSP) and how it handles url that are url encoded. For instance when some CSP directive is set to like https://mywebsite.com/application/do;jsessiond=1234 - it will get URL encoded so the ; gets replaced by %3B. In Firefox 32 and earlier this worked, but not in this new solution.

Todas as respostas (1)

guigs
guigs
more options

It may be that it needs a header application/x-www-form-urlencoded is this included in your url request as well as charset UTF-8?

If you select a different encoding via web dev https://developer.mozilla.org/en-US/d.../encodeURI

This sounds like what it did before? http://www.justarrangingbits.org/fire.../index.html