Hi, I have a couple of unmanaged wordpress installations and all of them have issues with content security policy settings.
I embed a number of resources on the website. E.g., I use Adobe PDF Embed API which works fine on other hosts.
But on Cloudron, any PDF embedded using the API does not load completely. In particular, links within the PDF do not work.
Ditto for videos hosted on Bunnynet and embedded on wordpress (works fine elsewhere, same site migrated to other hosts).
In the Browser Inspector, I get a bunch of errors related to the content security policies - particularly in loading JS files from other domains.
I tried adding custom content security policy in the security tab of the application. I tried using the CSP Generator (chrome plugin) to generate policies that I can add to the CSP in the security tab, but the page completely failed to load.
I tried adding wordpress plugins such as the 'Cookies and Content Security Policy', added all the origin domains/subdomains of the various JS files that failed to load, but nothing seems to work.
I have been trying to understand the root of the issue. I would would be most grateful for any help and assistance in resolving this issue, please.