Manage Challenge WAF Content-Security-Policy

What is the name of the domain?

uptime.codelabworks.is-a.dev

Content-Security-Policy: default-src ‘self’; script-src ‘self’ challenges.cloudflare.com static.cloudflareinsights.com *.codelabworks.is-a.dev; script-src-elem ‘self’ challenges.cloudflare.com static.cloudflareinsights.com *.codelabworks.is-a.dev; style-src ‘self’ ‘unsafe-inline’; img-src ‘self’ data:; connect-src ‘self’ ajax.cloudflare.com static.cloudflareinsights.com; font-src ‘self’; manifest-src ‘self’; worker-src ‘self’ blob:; object-src ‘self’ *.codelabworks.is-a.dev; frame-src ‘self’ challenges.cloudflare.com *.codelabworks.is-a.dev; frame-ancestors ‘none’;

but manage challenege is not displayed instead it shows it error used to execute inline script because it violates the following Content Security Policy directive: “script-src-elem ‘self’ challenges.cloudflare.com static.cloudflareinsights.com *.codelabworks.is-a.dev”. Either the ‘unsafe-inline’ keyword, a hash (‘sha256-V9bKIPKdkqDquxWqanUEnRJt/VGpPA3vlTv6IiDVcXQ=’), or a nonce (‘nonce-…’) is required to enable inline execution.^^

is anything i should change i dont want to use unsafe-inline

This topic was automatically closed after 15 days. New replies are no longer allowed.