APIM Management Content Security Policy Settings are not working as expected
I have APIM management with lot of APIs are imported and working. I published APIM developer portal with content security policy settings to allow only trusted resources. Since then I am unable to execute any APIs from developer portal which I am able to do it previously with Disabled CSP settings.
I tried different options but still getting blocked. I publish every time I change settings. Can some one help me in this
content-src 'self' https://contoso-apim.developer.azure-api.net
connect-src 'self';
From web browser, console log:
I have Enabled Content Security Policy and have added the below lines in allowed resources Hostname.
script-src 'self' https://****.developer.azure-api.net https://*****.azure-api.net 'unsafe-inline' 'unsafe-eval';
Post making the changes, I have published the developer portal. Then I am testing the Echo API using APIM developer portal and got the expected response.
- Azure Maps rejecting Route Request with ZipCode
- Create-React-App hosted in Azure getting a 404 with manual refresh or by typing the url manually on any page except the home page
- Why I'm getting 404 Resource Not Found to my newly Azure OpenAI deployment?
- Scanning for malware in files uploaded to Azure
- Azure blob, controlling filename on download
- How to delete/clear active/dead-letter messages from Azure Service Bus Queue?
- How to Generate .AAB file and Sign Android app Bundle using azure pipeline
- Get Access Token from Microsoft Graph for ClientId with delegated permissions
- Can't create password containing parentheses in Azure CLI
- Azure Web App Cannot Access Azure Container Registry Using Managed Identity
- Azure Access token just created but not capable to verify that is authentic
- Querying azure table storage for null values
- Azure App Functions, Storage queue trigger
- Error while running Terraform Import Command to import Azure Key Vault
- How to get Node.js app running on Azure App Service?
- K6 - Azure Blob Storage Authentication
- how to deprovision iotedge module and reconnect to a different iothub
- How to get the Azure assistant to use the vector store using SDK
- How can I invoke Azure Trusted Signing from a Linux OS?
- How to get client IP address in Azure Functions node.js?
- Get request headers in azure functions NodeJs Http Trigger
- Terraform Azure include NSG with subnet deployment
- What is preventing AKS from pulling images from ACR?
- Make Azure Keyvault secrets available in entire pipeline
- How to read S/MIME mails and their attachements
- Use delegated permissions with Client App Registration
- Unable to connect to Azure Function App after integrating into VNET
- add-kdsrootkey error the request is not supported
- How do you use Active Directory in a "hosted solution"?
- How can I select the proper openai.api_version?