Refused to load the image (ServerAlias w/apache2)

API & Customization issues
#1

Hello,

I currently have a virtualhost with a working ServerName, and a ServerAlias that returns an error and a blank page when loading.

I found this error via the browsers DevTools:

Refused to load the image '< URL >' because it violates the following Content Security Policy directive: "img-src 'self'".

login:37 
        
       Refused to load the image 'https://***.********.**/favicon.ico' because it violates the following Content Security Policy directive: "img-src 'self'".

login:38 
        
       Refused to load the image 'https://***.********.**/favicon_32.png' because it violates the following Content Security Policy directive: "img-src 'self'".

login:39 
        
       Refused to load the image 'https://***.********.**favicon_57.png' because it violates the following Content Security Policy directive: "img-src 'self'".

login:40 
        
       Refused to load the image 'https://***.********.**/favicon_76.png' because it violates the following Content Security Policy directive: "img-src 'self'".

login:41 
        
       Refused to load the image 'https://***.********.**/favicon_96.png' because it violates the following Content Security Policy directive: "img-src 'self'".

login:42 
        
       Refused to load the image 'https://***.********.**/favicon_128.png' because it violates the following Content Security Policy directive: "img-src 'self'".

login:43 
        
       Refused to load the image 'https://***.********.**favicon_192.png' because it violates the following Content Security Policy directive: "img-src 'self'".

login:44 
        
       Refused to load the image 'https://***.********.**/favicon_228.png' because it violates the following Content Security Policy directive: "img-src 'self'".

login:1 
        
       Refused to load the script 'https://***.********.**/js/app/stylesheet.js?v=3.5.0' because it violates the following Content Security Policy directive: "script-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

login:1 
        
       Refused to load the script 'https://***.********.**/js/app/api-vendors.js?v=3.5.0' because it violates the following Content Security Policy directive: "script-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

login:1 
        
       Refused to load the script 'https://***.********.**/js/app/api-triage.js?v=3.5.0' because it violates the following Content Security Policy directive: "script-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Unfortunately, I couldn’t find anything good regarding this error, can you help me?

best regards,
samuel

#2

You might need to provide more info regarding type of install, version, healthcheck, etc but generally the issue might be that your are serving a domain from a folder path but the app config file has a different domain which images are being linked to. Just a guess.