Details
-
Bug
-
Resolution: Fixed
-
Major
-
None
-
None
-
None
Description
In https://reactos.org/joining, I didn't see facebook and twitter boxes.
I opened the chrome console and it said:
"Refused to load the script 'https://connect.facebook.net/en_LA/sdk.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.google.com www.gstatic.com fonts.gstatic.com fonts.googleapis.com kiwiirc.com money.yandex.ru". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback."
"Refused to load the script 'https://platform.twitter.com/widgets.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.google.com www.gstatic.com fonts.gstatic.com fonts.googleapis.com kiwiirc.com money.yandex.ru". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback."