以下是我正在处理的website,当我尝试打开https://CurieDoc.com/blog时,有人可以建议我为什么会收到错误(违反内容安全政策)。我使用路径/blog使用Hexo Blog
这是我得到的错误:
拒绝加载图片,因为它违反了以下内容 安全政策指令:"默认-src' self'"。请注意' img-src' 没有明确设置,所以' default-src'用作后备
正在设置的CSP相关标头:
// security headers
res.setHeader('Content-Security-Policy', "default-src 'self'")
res.setHeader('X-Content-Type-Options', 'nosniff')
// standard headers
res.setHeader('Content-Type', 'text/html; charset=utf-8')
res.setHeader('Content-Length', Buffer.byteLength(body, 'utf8'))
我在这个问题上经历了几个类似的问题,但我无法找到解决问题的答案。任何帮助/指导将不胜感激。
以下是我要投放的Index.html页面
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="generator" content="Curie Doc Blog">
<title>Curie Doc Blog</title>
<meta name="author" content="Curie Doc">
<meta name="keywords" content="Indian doctor,Curie Doc,See a doctor now,Doctor Video Calls,Family Physician,">
<script type="application/ld+json">{"@context":"http://schema.org","@type":"Website","@id":"https://CurieDoc.com/blog","author":{"@type":"Person","name":"Curie Doc","sameAs":[]},"name":"Curie Doc Blog","description":"See a doctor in minutes","url":"https://CurieDoc.com/blog","keywords":"Indian doctor, Curie Doc, See a doctor now, Doctor Video Calls, Family Physician"}</script>
<meta name="description" content="See a doctor in minutes">
<meta name="keywords" content="Indian doctor,Curie Doc,See a doctor now,Doctor Video Calls,Family Physician">
<meta property="og:type" content="blog">
<meta property="og:title" content="Curie Doc Blog">
<meta property="og:url" content="https://CurieDoc.com/blog/index.html">
<meta property="og:site_name" content="Curie Doc Blog">
<meta property="og:description" content="See a doctor in minutes">
<meta property="og:locale" content="en">
<meta name="twitter:card" content="summary">
<meta name="twitter:title" content="Curie Doc Blog">
<meta name="twitter:description" content="See a doctor in minutes">
<!--STYLES-->
<link rel="stylesheet" href="/blog/assets/css/style-gy2xr05rypagoa888viupqx1yk1agqb0hgbyket9uw1g2iljopyupsuh9nej.min.css">
<!--STYLES END-->
</head>
<body>
<div id="blog">
<!-- Define author's picture -->
<header id="header" data-behavior="1">
<i id="btn-open-sidebar" class="fa fa-lg fa-bars"></i>
<div class="header-title">
<a class="header-title-link" href="/blog/ ">Curie Doc Blog</a>
</div>
<a class="header-right-picture " href="#about">
</a>
</header>
<!-- Define author's picture -->
<nav id="sidebar" data-behavior="1">
<div class="sidebar-container">
<ul class="sidebar-buttons">
<li class="sidebar-button">
<a class="sidebar-button-link " href="/blog/ " title="Home">
<i class="sidebar-button-icon fa fa-lg fa-home" aria-hidden="true"></i>
<span class="sidebar-button-desc">Home</span>
</a>
</li>
<li class="sidebar-button">
<a class="sidebar-button-link " href="/blog/all-categories" title="Categories">
<i class="sidebar-button-icon fa fa-lg fa-bookmark" aria-hidden="true"></i>
<span class="sidebar-button-desc">Categories</span>
</a>
</li>
<li class="sidebar-button">
<a class="sidebar-button-link " href="/blog/all-tags" title="Tags">
<i class="sidebar-button-icon fa fa-lg fa-tags" aria-hidden="true"></i>
<span class="sidebar-button-desc">Tags</span>
</a>
</li>
<li class="sidebar-button">
<a class="sidebar-button-link " href="/blog/all-archives" title="Archives">
<i class="sidebar-button-icon fa fa-lg fa-archive" aria-hidden="true"></i>
<span class="sidebar-button-desc">Archives</span>
</a>
</li>
<li class="sidebar-button">
<a class="sidebar-button-link open-algolia-search" href="#search" title="Search">
<i class="sidebar-button-icon fa fa-lg fa-search" aria-hidden="true"></i>
<span class="sidebar-button-desc">Search</span>
</a>
</li>
<li class="sidebar-button">
<a class="sidebar-button-link " href="#about" title="About">
<i class="sidebar-button-icon fa fa-lg fa-question" aria-hidden="true"></i>
<span class="sidebar-button-desc">About</span>
</a>
</li>
</ul>
<ul class="sidebar-buttons">
</ul>
<ul class="sidebar-buttons">
<li class="sidebar-button">
<a class="sidebar-button-link " href="/blog/atom.xml" title="RSS">
<i class="sidebar-button-icon fa fa-lg fa-rss" aria-hidden="true"></i>
<span class="sidebar-button-desc">RSS</span>
</a>
</li>
</ul>
</div>
</nav>
<div id="main" data-behavior="1" class="
hasCoverMetaIn
">
<section class="postShorten-group main-content-wrap">
<article class="postShorten postShorten--thumbnailimg-bottom">
<div class="postShorten-wrap">
<div class="postShorten-header">
<h1 class="postShorten-title">
<a class="link-unstyled" href="/blog/2018/06/18/hello-world/">
Hello World
</a>
</h1>
<div class="postShorten-meta">
<time datetime="2018-06-18T05:06:49+05:30">
Jun 18, 2018
</time>
</div>
</div>
<div class="postShorten-excerpt">
<p>Welcome to <a href="https://hexo.io/" target="_blank" rel="noopener">Hexo</a>! This is your very first post. Check <a href="https://hexo.io/docs/" target="_blank" rel="noopener">documentation</a> for more info. If you get any problems when using Hexo, you can find the answer in <a href="https://hexo.io/docs/troubleshooting.html" target="_blank" rel="noopener">troubleshooting</a> or you can ask me on <a href="https://github.com/hexojs/hexo/issues" target="_blank" rel="noopener">GitHub</a>.</p>
<a href="/blog/2018/06/18/hello-world/" class="postShorten-excerpt_link link">
Continue reading
</a>
</div>
</div>
</article>
<article class="postShorten postShorten--thumbnailimg-bottom">
<div class="postShorten-wrap">
<div class="postShorten-header">
<h1 class="postShorten-title">
<a class="link-unstyled" href="/blog/2018/06/18/live-doctor-video-calls/">
Live Doctor Video Calls
</a>
</h1>
<div class="postShorten-meta">
<time datetime="2018-06-18T05:06:49+05:30">
Jun 18, 2018
</time>
</div>
</div>
<div class="postShorten-excerpt">
<p><img src="cover.png" alt="GitHub Logo"></p>
<p>Welcome to <a href="https://hexo.io/" target="_blank" rel="noopener">Hexo</a>! This is your very first post. Check <a href="https://hexo.io/docs/" target="_blank" rel="noopener">documentation</a> for more info. If you get any problems when using Hexo, you can find the answer in <a href="https://hexo.io/docs/troubleshooting.html" target="_blank" rel="noopener">troubleshooting</a> or you can ask me on <a href="https://github.com/hexojs/hexo/issues" target="_blank" rel="noopener">GitHub</a>.</p>
<a href="/blog/2018/06/18/live-doctor-video-calls/" class="postShorten-excerpt_link link">
Continue reading
</a>
</div>
</div>
</article>
<div class="pagination-bar">
<ul class="pagination">
<li class="pagination-number">page 1 of 1</li>
</ul>
</div>
</section>
<footer id="footer" class="main-content-wrap">
<span class="copyrights">
Copyrights © 2018 Curie Doc. All Rights Reserved.
</span>
</footer>
</div>
</div>
<div id="about">
<div id="about-card">
<div id="about-btn-close">
<i class="fa fa-remove"></i>
</div>
<h4 id="about-card-name">Curie Doc</h4>
<div id="about-card-bio">
<p>author.bio</p>
</div>
<div id="about-card-job">
<i class="fa fa-briefcase"></i>
<br/>
<p>author.job</p>
</div>
</div>
</div>
<div id="cover" style="background-image:url('/blog/assets/images/cover.jpg');"></div>
<!--SCRIPTS-->
<script src="/blog/assets/js/script-9xzvirgnfjjb76snlhrkwgttvljfm5b6mipdhr9evwsyiebdyoremsphbrbu.min.js"></script>
<!--SCRIPTS END-->
</body>
</html>