papegaaij commented on issue #399: WICKET-6727: Configurable Content-Security-Policy URL: https://github.com/apache/wicket/pull/399#issuecomment-581106224 @solomax this is because the blocking header is already configured in`WebApplication`. If you do not want a blocking CSP, you need to call `getCSP().blocking().disable()`. Otherwise you are configuring the reporting header next to the blocking one. I can see how this can be a bit confusing, but I don't see an easy fix, do you?
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
