Hi there,
I’m seeing a strange behaviour in the ChatGPT app I am currently developing. The exact same app, while added to my account and used with developer mode on works just fine. However, if I create it at the organization level and publish it, then try to use it without developer mode, I get these errors on every asset (css/js) my widgets are using:
Loading the stylesheet ‘…’ violates the following Content Security Policy directive: “style-src-elem ‘self’ ‘unsafe-inline’ https:// cdn. tailwindcss. com https:// cdn .jsdelivr.net https:// unpkg .com https://*.oaiusercontent.com https:// threejs .org”. The action has been blocked.
I understand this is a CSP issue but the domain is exactly the same here from what I can tell? Why is this suddenly blocked when the app runs outside of developer mode?
Any help would be appreciated! Thanks