Hi!, I'm working on a project using Turbo-Android where we need open a browser when the user clicks on a banner in a Webview but this is blocked by the Content Security Policy, in the console, I received the next message Refused to connect to 'https://api2-oauth.chase.com/aggregator-oauth/v1/mobile/authorize?response_type=code&client_id' because it violates the following Content Security Policy directive: "connect-src 'self' https://settings.luckyorange.net wss://*.visitors.live https://pubsub.googleapis.com https://api.luckyorange.com wss://*.zopim.com wss://visitors.live
The app loads the Plaid widget (https://plaid.com/demo/) via webview, and the CSP blocks some the sources Plaid uses to connect to specific banks like Chase. This does not occur in web but only in mobile.
Is there a way to avoid this problem or any known fix?
Hi!, I'm working on a project using Turbo-Android where we need open a browser when the user clicks on a banner in a Webview but this is blocked by the Content Security Policy, in the console, I received the next message
Refused to connect to 'https://api2-oauth.chase.com/aggregator-oauth/v1/mobile/authorize?response_type=code&client_id' because it violates the following Content Security Policy directive: "connect-src 'self' https://settings.luckyorange.net wss://*.visitors.live https://pubsub.googleapis.com https://api.luckyorange.com wss://*.zopim.com wss://visitors.liveThe app loads the Plaid widget (https://plaid.com/demo/) via webview, and the CSP blocks some the sources Plaid uses to connect to specific banks like Chase. This does not occur in web but only in mobile.Is there a way to avoid this problem or any known fix?