For me, the live editing and previews are not working, seemingly because the directus professtional CSP is setting the following Content Security Policy directive: “frame-src https://*”.
Refused to frame ‘http://localhost:3000/’ because it violates the following Content Security Policy directive: “frame-src https://*”.
Any advice would be great!
Try setting it here
`CONTENT_SECURITY_POLICY_DIRECTIVES__IMG_SRC`
I’m copying this over from the docs:
Usage with Directus Cloud and local development Connecting your local development environment to a Directus Cloud Starter or Professional instance must be done by exposing your localhost to the web through an SSL secured connection. There are multiple ways to achieve this:
Using a tool like Ngrok, serveo, or localtunnel
Creating and using your own SSL certificate. In the case of Vite this can be done with an SSL plugin
Source: https://directus.io/docs/guides/content/visual-editor/frontend-library
I tried this, but the rule https://* only allows servers on the default port 443, which is already in use by my machine and is also requiring sudo access and is not reccomended
– BlowsieRefused to frame 'https://dev:3000/' because it violates the following Content Security Policy directive: "frame-src https://*".
– BlowsieDoes the same concept works for the self hosting as well? because I'm having similar case, I want to trigger a sign process from the USB Token on the client machine.
– AbdallahAdded a feature request.
Seems to be confirmed, hacking the CSP out of the headers using a browser plugin fixes the issue
– Blowsie