Lighthouse: Unrecognized Content-Security-Policy directive 'require-trusted-types-for'
Describe the bug
The directive 'require-trusted-types-for' is legit, but it says unrecognized CSP directive.
To Reproduce
Steps to reproduce the behavior:
- Go to web.dev
- Test https://aashutosh.dev
- In report click on best practices.
- It shows this error.
Expected behavior
I think no browser error should log (due to 'require-trusted-types-for') while web.dev is visiting the site for report generation.
Screenshots
PS: Please correct me if I misinterpreted something completely.
aashutoshrathi
All 5 comments
transferring to Lighthouse team
robdodson
on 4 May 2020
@aashutoshrathi it looks like you removed this directive from your CSP, right?
paulirish
on 4 May 2020
If the console logged it, this is coming from Chromium. I suggest making an issue on crbug.com if this doesn't align with your expectations.
looks like it's an experimental feature in chrome. https://caniuse.com/#feat=mdn-http_headers_csp_content-security-policy_trusted-types and we don't enable experiments in the env. that powers web.dev
connorjclark
on 4 May 2020
The article indicates they're supported in Chrome 83. Stable is still 81. It's very possible chrome stable emits this browser error into the console. (Not ideal, but that's how it goes sometimes.. forward compat is hard.)
This isn't a Lighthouse error, though. We're just reporting that Chrome's console has errors in it.
paulirish
on 4 May 2020
Yeah, @paulirish I currently commented that particular CSP Directive for a while. 😅 (Since needed to show audit to someone else).
Thanks for the quick followup. @connorjclark and @paulirish
aashutoshrathi
on 5 May 2020
Related issues
motiejuss
·
3Comments
devrsi0n
·
3Comments
mbparvezme
·
3Comments
workjalexanderfox
·
3Comments
bitttttten
·
3Comments