Does anyone know what the CSP (Content-Security-Policy) be implemented for both HTTP and HTTPS when using Bing for the MapLayer control?
This is what I have, which breaks the map feature:
<meta http-equiv="Content-Security-Policy"
content="script-src 'self' 'unsafe-inline' 'unsafe-eval' https://aspnet-scripts.telerikstatic.com ;
style-src 'self' 'unsafe-inline' https://aspnet-skins.telerikstatic.com ;
font-src 'self' https://aspnet-skins.telerikstatic.com ;
img-src 'self' https://aspnet-skins.telerikstatic.com " />
The error is:
Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken...yada yada yada.. Refused to load the script 'http://dev.virtualearth.net/REST/v1/Imagery/Metadata/road?output=json&jsonp=bingTileParams&include=ImageryProviders&key=my key&callback=bingTileParams&_=1649186230772' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://aspnet-scripts.telerikstatic.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
I'm new to having to use CSP so I could really use your help.