You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
upgrade-insecure-requests is a directive that is ignored when a policy is set to report-only.
This can cause console errors on CI build tools like lighthouse etc.
Suggested solution:
Feature toggle either by conditional logic or env config (possibly checking if circleci is running?) to disable upgrade-insecure-requests from the policy when in dev environments and when a policy is set to report-only.
The text was updated successfully, but these errors were encountered:
jareddreyerss
changed the title
[Request] toggle/feature flag for upgrade-insecure-requests
[Request] Feature/toggle flag for upgrade-insecure-requests
Aug 7, 2024
upgrade-insecure-requests
is a directive that is ignored when a policy is set toreport-only
.This can cause console errors on CI build tools like lighthouse etc.
Suggested solution:
Feature toggle either by conditional logic or env config (possibly checking if circleci is running?) to disable
upgrade-insecure-requests
from the policy when in dev environments and when a policy is set toreport-only
.see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests for reference.
The text was updated successfully, but these errors were encountered: