Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Enhance your career with this limited time 50% discount on Fabric and Power BI exams. Ends August 31st. Request your voucher.

Reply
LasseL
Helper I
Helper I

Getting Refused to connect to X because it violates the following Content Security Policy directive

‎11-14-2022 03:36 PM

Dear community,

 

On a custom visual I am trying use a http post request by fetch to a logic app endpoint, and getting following error from the Console:

 

Refused to connect to 'https://xxx.logic.azure.com/xxx' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

 

Following is the code from the react component of the visual:

    handleClick = () => {

        fetch('https://xxx.logic.azure.com:443/xxx', {  
        method: 'POST',
        mode: 'cors',
        body: JSON.stringify({"Data": {"Text1": "Test5", "Text2": "Test6"}}) // body data type must match "Content-Type" header
       })
 
 
For which reason I have tried to add to capabiltities.json the following:
     "privileges": [
        {
            "name": "WebAccess",
            "essential": true,
            "parameters": [ "https://prod-23.northeurope.logic.azure.com/", "https://*.logic.azure.com/", "https://prod-23.northeurope.logic.azure.com:443/", "*.logic.azure.com:443/" ]
        },
        {
            "name": "ExportContent",
            "essential": true
        }
    ]
}
 
Anyone got some ideas? Is it at all possible to do http request from a visual or has it been entirely blocked out by MS on the Power BI service?
 
Best regards and thanks
Labels:
Message 1 of 24
15,972 Views
23 REPLIES 23
pbn
Frequent Visitor
In response to LasseL

‎01-26-2023 04:56 AM

You got a 200 back. That's great.
So what exactly is your challenge?

 

The only think to do is to set the whitelisted web-urls in capabilities.json "privileges". Your own servers and all of the microsoft services as well.

Message 3 of 24
3,452 Views
LasseMr
Advocate II
Advocate II
In response to pbn

‎01-31-2023 03:49 AM

Hi @pbn ,

 

The 200 I got back was a test with another visual from appsource, demonstrating that it is indeed possible to use fetch requests within custom visuals and sandboxed iframe.

 

You are very right, it was just a question of getting the privileges set right it terms of whitelisting, when I got the servers in the requests went straight through!

 

Thanks, I do not seem to find an actual answer that I can accept from you, can you provide one? 😉

 

Have a great day.

Message 4 of 24
3,223 Views
0
pbn
Frequent Visitor
In response to LasseMr

‎01-31-2023 06:09 AM

I really want to help you if I can. However, I don't understand your question. Where is your knowledge gap?

Message 5 of 24
1,981 Views
0

Helpful resources

Announcements
August Power BI Update Carousel

Power BI Monthly Update - August 2025

Check out the August 2025 Power BI update to learn about new features.

August 2025 community update carousel

Fabric Community Update - August 2025

Find out what's new and trending in the Fabric community.

View All
Top Solution Authors
View All