Windows 10 reached EOS (end of support) on October 14, 2025. For more information, see this article.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Cached Headers that I cant get rid of

jadentyler72
jadentyler72
more options

I'm building a website from scratch and its going great. I just tried to implement a CSP and it worked except for one small section of my website that allows a user to upload an image and that image is supposed to be displayed back to the user. Anyways long story short the CSP blocked me so I tried to whitelist data: and it still didn't work. defeated I removed the CSP from Nginx to work on it later but when I went to try and test again I get this error. ``` Content-Security-Policy: The page’s settings blocked the loading of a resource (img-src) at data:image/webp;base64,UklGRqbeAABXRUJQV… because it violates the following directive: “default-src 'self'” ``` I have confirmed with Curl and by inspecting the network tab that there is no CSP included in the headers anymore. I have restarted Firefox, created a new Firefox profile, and cleared my cache to the end of time and yet still the error persists. I don't know where or how Firefox is storing website headers but they persists and also apparently work between profiles an implication I'm not going to delve into here. If someone could point me to the file where the headers are stored so I can delete it that would be wonderful.

specs Qubes OS 4.2 Mozilla Firefox 140.4.0esr

I'm building a website from scratch and its going great. I just tried to implement a CSP and it worked except for one small section of my website that allows a user to upload an image and that image is supposed to be displayed back to the user. Anyways long story short the CSP blocked me so I tried to whitelist data: and it still didn't work. defeated I removed the CSP from Nginx to work on it later but when I went to try and test again I get this error. ``` Content-Security-Policy: The page’s settings blocked the loading of a resource (img-src) at data:image/webp;base64,UklGRqbeAABXRUJQV… because it violates the following directive: “default-src 'self'” ``` I have confirmed with Curl and by inspecting the network tab that there is no CSP included in the headers anymore. I have restarted Firefox, created a new Firefox profile, and cleared my cache to the end of time and yet still the error persists. I don't know where or how Firefox is storing website headers but they persists and also apparently work between profiles an implication I'm not going to delve into here. If someone could point me to the file where the headers are stored so I can delete it that would be wonderful. specs Qubes OS 4.2 Mozilla Firefox 140.4.0esr

Isisombululo esikhethiwe

I cant delete my question but this is not a Firefox issue apparently. I just tested Chromium and got the same problem. I'm not sure whats going on because Curl shows there is no CSP header yet the browser is acting as if there is.

Funda le mpendulo ngokuhambisana nalesi sihloko 👍 0

All Replies (1)

jadentyler72
jadentyler72 Umnikazi wombuzo
more options

Isisombululo Esikhethiwe

I cant delete my question but this is not a Firefox issue apparently. I just tested Chromium and got the same problem. I'm not sure whats going on because Curl shows there is no CSP header yet the browser is acting as if there is.

Buza umbuzo

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.