Menu

Showing posts with label Dispatcher. Show all posts
Showing posts with label Dispatcher. Show all posts

Refused to load the script

Content-security-policy deny the script from third-party system, but few third-party application and system needs to be allow so that we can use their libraries in our web application. In this case since the content security policy blocked all script hence our application is unable to load any library from cdn.tiny.cloud host. Lets see the error ans solution in detail.

Error

Refused to load the script 'https://cdn.tiny.cloud/1/rashidjorvee/tinymce/6/tinymce.min.js' because it violates the following Content Security Policy directive: "script-src blob: data: 'unsafe-inline' 'unsafe-eval' 'self' rashidjorvee.com adobeaemcloud.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Solution 

Using dispatcher config we can solve this by adding content-security-policy and allow that domain.


<IfModule mod_headers.c>
    Header add X-Vhost "publish"
    Header always set X-XSS-Protection "1; mode=block"
    Header always set content-security-policy "script-src blob: data: 'unsafe-inline' 'unsafe-eval' 'self' *.tiny.cloud *.adobeaemcloud.com
</IfModule>



Path or directory where Dispatcher cached files?

Question: Under which directory or path AEM dispatcher server cached the data or files?


Answer: Dispatcher server cached the files under path /var/www/html/. Here you will find the /apps, /content, /libs, and /etc(client libraries).


To read and understand more on dispatcher configs and settings, please visit Experience Manager Dispatcher.