Details
-
Bug
-
Resolution: Done
-
Major
-
4.3.0.CR1
-
None
Description
Steps to reproduce:
1) create default THYM project
2) enable Livereload server
3) run THYM project on CordovaSim
4) edit index.html and save changes
ERROR: refresh is not happening on Cordovasim
In order to make it work one nee to remove the following meta tag from index.html:
<meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *">
Livereload doesn't work with new THYM projects due to new cordova-white-list plugin security policy - https://github.com/apache/cordova-plugin-whitelist/blob/master/README.md#content-security-policy . The following error prevent script loading
Refused to load the script 'http://localhost:35729/livereload.js' because it violates the following Content Security Policy directive: "default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
BTW, We are not the only one affected by this changes - http://forum.ionicframework.com/t/solution-for-livereload-problems-with-new-csp-rules/25449
Attachments
Issue Links
- is related to
-
JBIDE-20771 Livereload not working with projects hosted on local Server with Content Security Policy (CSP) enabled
-
- Open
-