Hi ,
I use Firefox and it auto update to ver 58 this day, but when it finished , I try to use Firefox 58 play a m3u8 by jwplayer HLS function, It throw a Content Security Policy error and can not continue playing video.
Our Apache had set an CSP header:
"Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.jwpcdn.com ;
and Firefox 58 tell us CSP page setting defend blob:http://168.95.1.2/36e62ae9-1fef-4126-a0bf-d8ab0922d68a
If we change browser to Google Chrome, it also throw an error but can playing video correctly.
Chrome tell us:
Refused to create a worker from 'blob:http://168.95.1.2/390a82e3-3c66-4d3a-9dfd-75843b6d7d6f' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' ". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
Can you help me to play m3u8 on Firefox 58 with a CSP script-src setting ? My jwplayer versin is 7.11.
Thanks.
↧