Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

In Firefox 58, HLS can not work

Hi ,

I use Firefox and it auto update to ver 58 this day, but when it finished , I try to use Firefox 58 play a m3u8 by jwplayer HLS function, It throw a Content Security Policy error and can not continue playing video.

Our Apache had set an CSP header:
"Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.jwpcdn.com ;

and Firefox 58 tell us CSP page setting defend blob:http://168.95.1.2/36e62ae9-1fef-4126-a0bf-d8ab0922d68a

If we change browser to Google Chrome, it also throw an error but can playing video correctly.
Chrome tell us:
Refused to create a worker from 'blob:http://168.95.1.2/390a82e3-3c66-4d3a-9dfd-75843b6d7d6f' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' ". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.

Can you help me to play m3u8 on Firefox 58 with a CSP script-src setting ? My jwplayer versin is 7.11.
Thanks.

1 Community Answers

Up Down

Todd

JW Player Support Agent  
0 rated :

I just checked our Stream Tester at https://developer.jwplayer.com/tools/stream-tester/ in Firefox 58.0.1 on Mac and the HLS stream is playing normally for me.

I am not familiar with CSP headers. Why do you need to set this? And how can I set one on my side so I can test further?

This question has received the maximum number of answers.