Closed agg23 closed 6 years ago
Hm, sorry about that. I thought I managed to whitelist everything.
Can you give me the exact URL it’s trying to connect to?
I may also just remove the CSP if this gets more complicated.
I'm not sure what parts of the URL are private, but I assume you only need the domain. The endpoint is https://apple-sg-us-std-000001.s3.amazonaws.com
. It's possible (and perhaps likely) that there are different endpoints for iTunes Match and Apple Music, and this may be an iTunes Match item.
I had s3 whitelisted for images but not for media. I've added s3 now to the media whitelist - can you try now?
It is indeed fixed now.
Great! Thanks for reporting the issue.
On attempting to play anything in Safari 11.1.2 for Mac, it just sits there spinning and logs:
Refused to load *url* because it does not appear in the media-src directive of the Content Security Policy.
I believe this is trivially solved by adding a
<meta http-equiv="Content-Security-Policy">
to the header of each page, allowing access to Apple's AWS.