According to the grammar in the CSP spec, you need to specify schemes as scheme:, not just scheme. So, you need to change the image source directive to:
img-src 'self' data:;
More Related Contents:
- The Chrome extension popup is not working, click events are not handled
- How does Content Security Policy (CSP) work?
- Trouble with content security policy
- Refused to load the script because it violates the following Content Security Policy directive
- Injecting iframe into page with restrictive Content Security Policy
- Content Security Policy: The page’s settings blocked the loading of a resource
- What is happening when I have two CSP (Content Security Policies) policies – header & meta?
- Console shows error about Content Security policy and lots of failed GET requests
- What’s the purpose of the HTML “nonce” attribute for script and style elements?
- How to override content security policy while including script in browser JS console?
- Content-Security-Policy error in google chrome extension making
- Get JSON in a Chrome extension
- Why is script-src-elem not using values from script-src as a fallback?
- Using attr to set css variable inline that work with CSP
- Jenkins Content Security Policy
- Allow All Content Security Policy?
- Extension refuses to load the script due to Content Security Policy directive
- Chrome version 18+: How to allow inline scripting with a Content Security Policy?
- Cordova – refuse to execute inline event handler because it violates the following content Security policy
- How can I allow Mixed contents (http with https) using content-security-policy meta tag?
- Content Security Policy: “img-src ‘self’ data:”
- Google Adwords CSP (content security policy) img-src
- How to fix chrome-extension inline JavaScript invocation error?
- GTM not propagating nonce to Custom HTML tags