My Oracle Support Banner

What Is The Correct Setting For The Content-Security-Policy Header For An ADF Application (Doc ID 2230109.1)

Last updated on JULY 10, 2018

Applies to:

Oracle JDeveloper - Version 11.1.1.7.0 and later
Information in this document applies to any platform.

Symptoms

ADF application doesn't run when using filter with Content-Security-Policy header set to "default-src 'self'" directive.

Chrome developer tools console shows the following error message:

Changing Content-Security-Policy to "default-src 'self' 'unsafe-inline' 'unsafe-eval'" allows the application to run correctly.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.