set content security policy in hubs-cloud

[shamsail]

Hi, I'm using emailjs-com for custom email in the hubs-cloud and it's working fine on local setup. "npm start" "https://localhost:8080" but when I deploy my hubs-cloud updated code to the server via "npm run deploy".. code is being deployed without any error and I can also see my other changes that are also working fine on live system after deployment. But the issue that I'm facing is that after deployment my emailjs-com code/implementation is not working and on browser's console I can see the error of "content security policy" Error statement: "Content Security Policy: The page’s settings blocked the loading of a resource at https://api.emailjs.com/api/v1.0/email/send (“connect-src”)".

What should I do to resolve this issue.

Currently I have tried this in "index.html" but nothing has changed on live server after deployment

<meta http-equiv="Content-Security-Policy" content="connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://api.emailjs.com
        https://api.emailjs.com/api/v1.0/email/send;">

Please help me in this regard..

[shamsail]

In the admin panel on website, we can add the "connect-src" and other content security policy. like this under advanced tab..

No need to add meta tag and put content security policy by yourself in code.

[tskarthikus]

Hi, I am facing this issue for twitch:

Error: Content Security Policy: The page’s settings blocked the loading of a resource at https://api.twitch.tv/helix/streams (“connect-src”)

Though I tried to add the url as shown above, it didn't fix this error for twitch. Could this be fixed?