What Is The Correct Setting For The Content-Security-Policy Header For An ADF Application
(Doc ID 2230109.1)
Last updated on AUGUST 05, 2019
Applies to:Oracle JDeveloper - Version 188.8.131.52.0 and later
Information in this document applies to any platform.
ADF application doesn't run when using filter with Content-Security-Policy header set to "default-src 'self'" directive.
Chrome developer tools console shows the following error message:
Changing Content-Security-Policy to "default-src 'self' 'unsafe-inline' 'unsafe-eval'" allows the application to run correctly.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document