i keep getting content-security-policy error while loading kibana in browser, so i put
csp.strict: false in my kibana.yml file but problem still remains.
Should i use csp.rules ?
Kibana version 7.3.0
OS: Ubuntu 18
browser: Chrome, Firefox
i am intended to run kibana on subdomain.
kibana:1 Refused to load the script 'https://mysub.domain.com/cdn-cgi/apps/head/tasLbO6euogGbCLLTEoh3C4FAnM.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'nonce-+ua1j/YIhocrsxxB'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
How can i fix this ?