I currently have a Metabase EC2 instance running on AWS that is being routed through a Load Balancer and then connected to a CloudFront distribution.
When accessing the Load Balancer directly (i.e.
load-balancer-12345.region.elb.amazonaws.com:port) everything works fine, but when accessing it through Route53 / CloudFront on
metabase.domain.co.uk the site loads but with the error:
Content Security Policy: The page's settings blocked the loading of a resource at inline ("script-src").
I’ve added everything that is required on CloudFront, even adding the custom
Content-Security-Policy with all
default-src 'self'; but I still get this error.
Can anyone offer any guidance? I can give more information if required. Thanks.