I am loading an external script in a Power BI custom visual.
powerbi-visuals-tools version - 4.2.1
Getting the following error while running the custom visual in developer mode in Chrome:
Refused to load the script 'https://developer.api.autodesk.com/modelderivative/v2/viewers/7.*/viewer3D.js' because it violates the following Content Security Policy directive: "default-src https://app.powerbi.com data: blob: 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
Thanks for the solution.
I have tried to set the CSP directive in the pbiviz.json file.
Below is my pbiviz.json file:
But this is not working.
Could you please tell me where or how to set the CSP directive while creating a custom visual?
I am running the visual in developer mode.
I am able to solve this issue by adding a privileges setting that allows access to external resources.
Example:
{ "name": "WebAccess", "essential": true, "parameters": [ "https://*.microsoft.com", "http://example.com" ] }
This error occurs because the script you are trying to load violates the Content Security Policy (CSP) of Power BI, which restricts the types of content that can be loaded into a visual. The CSP directive "default-src https://app.powerbi.com data: blob: 'unsafe-inline' 'unsafe-eval'" specifies that only scripts from the Power BI website, data URIs, and inline scripts are allowed. The external script you are trying to load does not meet these criteria.
To resolve this issue, you can modify the CSP directive to allow the external script to be loaded. You can do this by adding the domain of the external script to the "default-src" directive. For example, if the domain of the external script is "example.com", you can modify the directive to "default-src https://app.powerbi.com data: blob: 'unsafe-inline' 'unsafe-eval' example.com".
Keep in mind that modifying the CSP directive can pose a security risk, so you should only add domains that you trust.
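The check behind the browser error quoted in the question can be reproduced offline. The following is an added example, not part of any post in this thread and not Power BI's or the browser's own code: it parses a policy, applies the script-src-elem, script-src, default-src fallback named in the error message, and matches the script URL against the source list. The function names are hypothetical, and the matcher is simplified (https page assumed; ports, nonces, hashes and 'self' are not handled).

```javascript
// Added example: simplified CSP source matching for a <script src> load.
// Assumptions: the page is served over https; ports, nonces and hashes are ignored.
function parseCsp(policy) {
  const directives = new Map();
  for (const part of policy.split(";")) {
    const [name, ...sources] = part.trim().split(/\s+/);
    const key = name.toLowerCase();
    if (key && !directives.has(key)) directives.set(key, sources); // first occurrence wins
  }
  return directives;
}

function sourceMatches(source, url) {
  if (source.startsWith("'")) return false; // keywords never match a URL ('self' is not resolved here)
  if (source === "*") return /^https?:$/.test(url.protocol);
  if (/^[a-z][a-z0-9+.-]*:$/i.test(source)) return url.protocol === source.toLowerCase();
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?([^/:]+)(?::[^/]*)?(\/.*)?$/i.exec(source);
  if (!m) return false;
  const [, scheme, host, path] = m;
  const wanted = scheme ? scheme.toLowerCase() + ":" : "https:";
  // An http source also covers the https upgrade of the same host.
  if (url.protocol !== wanted && !(wanted === "http:" && url.protocol === "https:")) return false;
  const h = host.toLowerCase();
  const hostOk = h.startsWith("*.") ? url.hostname.endsWith(h.slice(1)) : url.hostname === h;
  if (!hostOk) return false;
  if (!path || path === "/") return true;
  return path.endsWith("/") ? url.pathname.startsWith(path) : url.pathname === path;
}

// Returns which directive governed the decision and whether the load is allowed.
function checkScriptLoad(policy, scriptUrl) {
  const directives = parseCsp(policy);
  // Fallback chain for script elements: script-src-elem, then script-src, then default-src.
  const directive = ["script-src-elem", "script-src", "default-src"].find((d) => directives.has(d));
  if (!directive) return { directive: null, allowed: true }; // no governing directive
  const url = new URL(scriptUrl);
  const allowed = directives.get(directive).some((s) => sourceMatches(s, url));
  return { directive, allowed };
}

// Policy and URL are the ones quoted in the error message in the question.
const POWERBI_CSP = "default-src https://app.powerbi.com data: blob: 'unsafe-inline' 'unsafe-eval'";
const VIEWER_URL = "https://developer.api.autodesk.com/modelderivative/v2/viewers/7.*/viewer3D.js";
console.log(checkScriptLoad(POWERBI_CSP, VIEWER_URL));
```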