Question
Im developing a game with JavaScript and canvas. And recently since i implemented clicks i have been receiving this message in firebug:
CSP WARN: allow directive is deprecated, use the equivalent default-source directive instead
Its not affecting the game at all, but i was wondering what it meant? and could it affect my game eventually?
I found this online, but i can't make any sense of it, and im not totally sure if its talking about the same message that im receiving
Thanks
Solution
CSP is Content Security Policy, these are HTTP headers that can for example restrict JavaScript execution in the browser. The warning points out a non-critical problem with the policy.
To look at the headers you could use curl -I on your server. The "Content-Security-Policy", "X-Content-Security-Policy" and "X-WebKit-CSP" fields are relevant.
Since you don't know about CSP I assume you are not administrating the web server, you might want to talk to the person in charge.
OTHER TIPS
That is old syntax for CSP. You don't say: "allow 'self'" anymore. You say:
Content-Security-Policy: default-src 'self'
https://stackoverflow.com/questions/15999597
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian