Content Security Policy Violations happening for whitelisted domains only for Netherlands and Switzerland users.
Gour, Ashish
0
Reputation points
I have a csp policy where I have whitelisted all the domains from which I want to load the content to my application and have added only default-src directive which is fallback to all the other directives.
I have tested the policy on lower environments and it's working as expected.
But in production environment, I have observed the policy is getting violated for Netherlands and Switzerland users (Note: mostly images are getting blocked), Is there any network related restrictions in these countries or any other issue related to content security policy.