So I have a simple express server running in docker container with port mapping 8888:3000 when I access my server: http://localhost:8888/bla I do receive the message bla: "true" so everyting seems to work but in the browser (Firefox) console I get the following message:
Content Security Policy: The page's settings blocked the loading of a resource "http://localhost:8888/favicon.ico” („default-src”).
From what I've read Content Security Policy is used to prevent XSS, but here there is nothing of this sort in my program, I am just sending a message. Can someone explain why am I getting this message and how to fix it?
This is how my server code looks like (it just a basic setup):
var express = require('express');
const bodyParser = require('body-parser');
const fetch = require("node-fetch");
var app = express();
app.engine('html', require('ejs').renderFile);
app.set('view engine', 'html');
app.use(express.static(__dirname + '/public'));
app.use(bodyParser.urlencoded({
extended: true
}));
app.use(bodyParser.json());
app.get('/bla', function (req, res) {
res.send({ bla: 'true'});
});
const port = 3000
app.listen(port, () => console.log(`Example app listening on port ${port}!`))
Aucun commentaire:
Enregistrer un commentaire