Hi all,

I'm trying to add Here Maps on my company's application and I'm getting some security issues: 

I'm doing exactly the same thing on my personal environment and it works:

I tried using the forge component and it is outdated, using App Id and App code instead of the API key.

I tested it just by replacing the authentication method to API key and I got more than thousand console errors.

By the way I have tried some stuff I found on the internet but it has not worked so far.

https://stackoverflow.com/questions/40360109/content-security-policy-img-src-self-data

Hey Denis,

I would say the cleanest way you can approach this (especially if the Forge component is outdated) is to create a library in Service Studio, for the Here Maps API. This way you can control the library build, it's reusable and you can manage your dependencies and bring it back into your current build.
Sydney

Out of curiosity, is your personal environment using https? Or http?

The reason I ask is that browsers are increasingly applying more restrictive rules by default, so the content policy error message you're receiving may not be being enforced if the app itself is not using https.


G. Andrew Duthie wrote:

Out of curiosity, is your personal environment using https? Or http?

The reason I ask is that browsers are increasingly applying more restrictive rules by default, so the content policy error message you're receiving may not be being enforced if the app itself is not using https.


 Hi Andrew, yes it is using https, you can see the lock on the left of the URL.

 

Sydney Lai wrote:

Hey Denis,

I would say the cleanest way you can approach this (especially if the Forge component is outdated) is to create a library in Service Studio, for the Here Maps API. This way you can control the library build, it's reusable and you can manage your dependencies and bring it back into your current build.
Sydney

 Hi Sidney.


Sorry for my lack of knowledge, but how will it differ about the security problems?

By the way, I believe I can not use a library from reactive in a traditional web app.