Search or browse our knowledge base to find answers to your questions ranging from account questions to troubleshooting error messages. The content is curated and updated by our global Support team
In Qlik Saas, when adding an image <URL> https://play-lh.googleusercontent.com/ahJtMe0vfOlAu1XJVQ6rcaGrQBgtrEZQefHy7SXB7jpijKhu1Kkox90XDuH8Rm... as a column to a table, we expected this to fail because it should require "img-src" directive to be checked in "Content Security Policy".
However, the logo with image <url> above is displayed correctly (see logo dispayed as Dim1 column in below screenshot ).
Adding a new column 'Alpha' with image <url> https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTaANtept27EFdcIQ62k2W2VCkpXSq0iDxT4w&usqp=CAU does not display the expected image.
Environment
- Qlik Sense SaaS
Resolution
From a close look to console tab (of dev-tool), we noticed that some image <urls> are recognized by default (see above attached screenshot). They do not require the use of directive "img-src ".
Refused to load the image '<URL>' because it violates the following Content Security Policy directive: "img-src 'self' data: maps.qlikcloud.com ibasemaps-api.arcgis.com cdn.pendo.io app.pendo.io pendo-static-5763789454311424.storage.googleapis.com data.pendo.io *.gravatar.com *.wp.com *.googleusercontent.com cdn.qlik-stage.com cdn.qlikcloud.com upload.wikimedia.org".
A documentation request HLP-13324 was submitted to R&D .
Cause
Product Defect ID: HLP-13324
