How to set Content Security Policy for Application Insights in Interop mode for Azure App Service with Azure Front Door?
Greetings,
I am getting this error message when I inject Application Insights into my dotnet core webapp and I have no luck setting the appropriate Content Security Policy (CSP) with Azure Front Door's rule engine
Refused to load the script 'https://js.monitor.azure.com/scripts/b/ai.2.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' cdnjs.cloudflare.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
I use the following CSP:
content-security-policy: script-src https://*.contoso.com https://js.monitor.azure.com
I appreciate any help because I am loosin' it