Description
I have been following the guide(s) - readme.md and read the guide on contributing. When I execute npm run dev with couchdb up 'n running in docker and the settings.json modified accordingly, I get a Content Security violation in Chrome Version 75.0.3770.100 (Official Build) (64-bit) on the latest Mac Book Pro as of this writing:
Refused to connect to '<URL>' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
default-src 'self' should work for same-origin when applying host: "http://localhost:5984"
I was playing around with https://csp-evaluator.withgoogle.com/ using the defaultHeaderValue in devserver.js but to no avail. (On an unrelated note, Google is saying you can restrict object src to 'none' .. new issue?
This is blocking me from completing local development setup and it would be my pleasure to contribute and fix some UI issues I found.