New ask Hacker News story: Ask HN: Claude web blocked its assets visit via csp?
Ask HN: Claude web blocked its assets visit via csp?
5 by xgstation | 2 comments on Hacker News.
returned CSP header as following while all assets access to `https://assets-proxy.anthropic.com` is blocked script-src 'strict-dynamic' https: 'nonce-0f2f/yV7CL8nKlXr/lFMPA==' https://via.intercom.io https://api.intercom.io https://ift.tt/vVAwEOD https://ift.tt/pXG4mhB https://ift.tt/n6UeSF2 https://ift.tt/uWl09aF https://ift.tt/845Jygp https://ift.tt/dsK91WD https://ift.tt/ws7kKGf wss://nexus-websocket-a.intercom.io https://ift.tt/ZFdYkAE wss://nexus-websocket-b.intercom.io https://ift.tt/MZzQ47B wss://nexus-europe-websocket.intercom.io https://ift.tt/MLQErnF wss://nexus-australia-websocket.intercom.io https://ift.tt/5YbBWpX https://ift.tt/vcgp1fM https://ift.tt/BTiYOEW https://ift.tt/5ULzVy1 https://ift.tt/iCeUtJN https://ift.tt/nOEP6Kr https://ift.tt/n1dxEVc 'wasm-unsafe-eval'; object-src 'none'; base-uri 'none'; frame-ancestors 'self'; block-all-mixed-content; img-src 'self' data: blob: *.anthropic.com *.claude.ai *.claude.com *.ant.dev *.gstatic.com * https://ift.tt/HKmOPSV https://ift.tt/YkRTnSO https://ift.tt/XnWH2c4 https://ift.tt/X7uIxVb https://ift.tt/EH4nvyi https://ift.tt/iCeUtJN https://ift.tt/WYs7DvE https://ift.tt/mLEKRzD https://ift.tt/qzKTQ7I https://ift.tt/WNMYhzi https://ift.tt/Hf7ZpBb https://*.intercom-attachments-1.com https://*.intercom-attachments.eu https://*.au.intercom-attachments.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://ift.tt/DqIT7XO https://ift.tt/47V5Gjp; frame-src a-cdn.claude.ai a.claude.ai a.claude-ai.staging.ant.dev b.stripecdn.com embedded-dashboards.metronome.com forms.hsforms.com googletagmanager.com js.stripe.com m.stripe.network newassets.hcaptcha.com pay.google.com r.stripe.com www.google.com accounts.google.com https://ift.tt/TCvtDqx https://ift.tt/Jg2IaTd https://ift.tt/ihs1cJW https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://ift.tt/8csd079 https://ift.tt/DAks3B6 *.claudemcpcontent.com https://claude.ai; font-src 'self' assets.claude.ai https://ift.tt/HKmOPSV https://ift.tt/KOAva6x; form-action 'self' https://ift.tt/a4LPFKc https://intercom.help https://ift.tt/n6UeSF2 https://ift.tt/uWl09aF https://ift.tt/845Jygp; media-src 'self' cdn.sanity.io https://ift.tt/ULuWDB6 https://ift.tt/HKmOPSV https://ift.tt/XnWH2c4 https://ift.tt/X7uIxVb https://ift.tt/EH4nvyi; upgrade-insecure-requests
5 by xgstation | 2 comments on Hacker News.
returned CSP header as following while all assets access to `https://assets-proxy.anthropic.com` is blocked script-src 'strict-dynamic' https: 'nonce-0f2f/yV7CL8nKlXr/lFMPA==' https://via.intercom.io https://api.intercom.io https://ift.tt/vVAwEOD https://ift.tt/pXG4mhB https://ift.tt/n6UeSF2 https://ift.tt/uWl09aF https://ift.tt/845Jygp https://ift.tt/dsK91WD https://ift.tt/ws7kKGf wss://nexus-websocket-a.intercom.io https://ift.tt/ZFdYkAE wss://nexus-websocket-b.intercom.io https://ift.tt/MZzQ47B wss://nexus-europe-websocket.intercom.io https://ift.tt/MLQErnF wss://nexus-australia-websocket.intercom.io https://ift.tt/5YbBWpX https://ift.tt/vcgp1fM https://ift.tt/BTiYOEW https://ift.tt/5ULzVy1 https://ift.tt/iCeUtJN https://ift.tt/nOEP6Kr https://ift.tt/n1dxEVc 'wasm-unsafe-eval'; object-src 'none'; base-uri 'none'; frame-ancestors 'self'; block-all-mixed-content; img-src 'self' data: blob: *.anthropic.com *.claude.ai *.claude.com *.ant.dev *.gstatic.com * https://ift.tt/HKmOPSV https://ift.tt/YkRTnSO https://ift.tt/XnWH2c4 https://ift.tt/X7uIxVb https://ift.tt/EH4nvyi https://ift.tt/iCeUtJN https://ift.tt/WYs7DvE https://ift.tt/mLEKRzD https://ift.tt/qzKTQ7I https://ift.tt/WNMYhzi https://ift.tt/Hf7ZpBb https://*.intercom-attachments-1.com https://*.intercom-attachments.eu https://*.au.intercom-attachments.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://ift.tt/DqIT7XO https://ift.tt/47V5Gjp; frame-src a-cdn.claude.ai a.claude.ai a.claude-ai.staging.ant.dev b.stripecdn.com embedded-dashboards.metronome.com forms.hsforms.com googletagmanager.com js.stripe.com m.stripe.network newassets.hcaptcha.com pay.google.com r.stripe.com www.google.com accounts.google.com https://ift.tt/TCvtDqx https://ift.tt/Jg2IaTd https://ift.tt/ihs1cJW https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://ift.tt/8csd079 https://ift.tt/DAks3B6 *.claudemcpcontent.com https://claude.ai; font-src 'self' assets.claude.ai https://ift.tt/HKmOPSV https://ift.tt/KOAva6x; form-action 'self' https://ift.tt/a4LPFKc https://intercom.help https://ift.tt/n6UeSF2 https://ift.tt/uWl09aF https://ift.tt/845Jygp; media-src 'self' cdn.sanity.io https://ift.tt/ULuWDB6 https://ift.tt/HKmOPSV https://ift.tt/XnWH2c4 https://ift.tt/X7uIxVb https://ift.tt/EH4nvyi; upgrade-insecure-requests
Comments
Post a Comment