You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are integrating the SDK into HabPanel. This is an widget based web ui so you can build dashboards from OpenHab devices. We want to display the camera's with this SDK in a widget.
When lazy-loading the SDK we get an error on video.min.js
Refused to create a worker from 'blob:http://<webserver>/f675bf28-a6df-4b59-b032-23e6e02326c6' because it violates the following Content Security Policy directive: "script-src 'self' 'sha256-5hvlzGKhlKhafFjW6G/cRVpM/e+JewYxe/pLpQ5Kj9M='". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
We cannot change the CSP policy as it is fixed coded in the HabPanel framework. The author of video.min.js is aware of weak CSP compliance, but it doesn't look like it's top priority. Since this SDK includes video.min.js, what can VXG do regarding this issue?
Regards,
Bastiaan
The text was updated successfully, but these errors were encountered:
Hello,
We are integrating the SDK into HabPanel. This is an widget based web ui so you can build dashboards from OpenHab devices. We want to display the camera's with this SDK in a widget.
The CSP policy of HabPanel is:
When lazy-loading the SDK we get an error on video.min.js
We cannot change the CSP policy as it is fixed coded in the HabPanel framework. The author of video.min.js is aware of weak CSP compliance, but it doesn't look like it's top priority. Since this SDK includes video.min.js, what can VXG do regarding this issue?
Regards,
Bastiaan
The text was updated successfully, but these errors were encountered: