Tags: javascript, security, content-security-policy, react-helmet

Content Security Policy Wildcards?


I'm getting this content security policy error:

Refused to connect to 'https://web-2.statscollector.sd-rtn.com:6443/events/proto-raws' because it violates the following Content Security Policy directive: "connect-src [.....]

My content security policy rules for connect-src include:

"https://*.statscollector.sd-rtn.com:6443/*",

Am I not using wildcards correctly?


Solution

  • We just have to provide the domain, and should not include the path of the domain.

    Valid wildcard host name expressions include "*.google.com" and "*".

    Invalid wildcard host name expressions include "www.*.com", "*.google.*" and "google.*".

    Reference: https://wiki.mozilla.org/Security/CSP/Specification#Hostname_Wildcards

    Just try using it like this as your content security rule: https://*.statscollector.sd-rtn.com:6443
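To make the matching rules concrete, here is an added example (not from the question or the answer above) of a simplified CSP Level 3 host-source matcher in JavaScript. It covers the parts the question touches: the scheme, a leading `*.` host wildcard, the port, and path matching; it does not handle `'self'`, nonces, hashes or the http-to-https upgrade rules, and it assumes the page itself is served over https when an expression omits the scheme. Run against the URL from the error message, it shows that `https://*.statscollector.sd-rtn.com:6443/*` never matches (a `*` in the path is just a character, not a wildcard), that dropping the path fixes it, and that a path ending in `/` acts as a prefix. The validity checks mirror the wildcard rules quoted in the answer.

```javascript
// Added example: simplified CSP host-source matching. Constructed input only;
// the URL below is the one from the question's error message.
const DEFAULT_PORTS = { "http:": "80", "https:": "443", "ws:": "80", "wss:": "443" };
const PAGE_SCHEME = "https:"; // assumption: the protected page is served over https

// Parse one host-source expression into its parts. Rejects wildcard placements
// CSP does not allow ("www.*.com", "*.google.*", "google.*"): "*" may only be
// the whole host or a leading "*." label.
function parseSourceExpression(expr) {
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?([^/:]+)(?::(\*|\d+))?(\/.*)?$/i.exec(expr);
  if (!m) throw new Error(`cannot parse source expression: ${expr}`);
  const [, scheme, host, port, path] = m;
  const validHost =
    host === "*" || !host.includes("*") ||
    (host.startsWith("*.") && !host.slice(2).includes("*"));
  if (!validHost) throw new Error(`invalid wildcard host: ${host}`);
  return {
    scheme: scheme ? scheme.toLowerCase() + ":" : null,
    host: host.toLowerCase(),
    port: port || null,
    path: path || null, // note: "*" inside a path is a literal character in CSP
  };
}

function isValidSourceExpression(expr) {
  try { parseSourceExpression(expr); return true; } catch { return false; }
}

// Does the URL match the source expression?
function matchesSource(expr, urlString) {
  const src = parseSourceExpression(expr);
  const url = new URL(urlString);

  // Scheme: an explicit scheme must match; otherwise the page's scheme is used.
  const scheme = src.scheme || PAGE_SCHEME;
  if (url.protocol !== scheme) return false;

  // Host: "*" matches any host; "*.example.com" matches subdomains only,
  // never example.com itself; anything else must match exactly.
  const host = url.hostname.toLowerCase();
  if (src.host.startsWith("*.")) {
    const suffix = src.host.slice(1); // ".example.com"
    if (!host.endsWith(suffix) || host.length <= suffix.length) return false;
  } else if (src.host !== "*" && host !== src.host) {
    return false;
  }

  // Port: an expression without a port only matches the scheme's default port.
  const urlPort = url.port || DEFAULT_PORTS[url.protocol];
  const srcPort = src.port || DEFAULT_PORTS[scheme];
  if (srcPort !== "*" && urlPort !== srcPort) return false;

  // Path: none or "/" matches everything; a trailing "/" is a prefix match;
  // otherwise the path must be identical. There is no path wildcard.
  if (!src.path || src.path === "/") return true;
  if (src.path.endsWith("/")) return url.pathname.startsWith(src.path);
  return url.pathname === src.path;
}

// Evaluate the question's URL against several candidate connect-src entries.
const BLOCKED_URL = "https://web-2.statscollector.sd-rtn.com:6443/events/proto-raws";
function evaluateCandidates() {
  const candidates = [
    "https://*.statscollector.sd-rtn.com:6443/*",      // the original rule
    "https://*.statscollector.sd-rtn.com:6443",        // the answer's suggestion
    "https://*.statscollector.sd-rtn.com:6443/events/", // path prefix form
    "https://*.statscollector.sd-rtn.com",             // wrong (default) port
    "https://statscollector.sd-rtn.com:6443",          // no wildcard: subdomain not covered
  ];
  return Object.fromEntries(candidates.map((c) => [c, matchesSource(c, BLOCKED_URL)]));
}

console.log(evaluateCandidates());
```

The third candidate is the tightest rule that still allows the blocked request: a path in a source expression is allowed, it just has to be a literal path or a `/`-terminated prefix rather than a `/*` pattern.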