Loading the image ‘data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAb4AAAHvCAYAAAArX7q7AAAQAElEQVR4AezXW3LqSBIG4GMtwn7w/pfGA2yC4UyfigyHMQZJpbrkN2GGbC5S5ZfZ/QfLH/8jQIAAAQIJBC7n0/XvQ/AlGLYWCRAgQCAEBF9YqAgQIEAggYDgSzBkLRIgQIBACAi+sFARIBACKgLTCgi+aUerMQIECBC4JyD47ql4jQABAgRCYLJK8E02UO0QIECAwGMBwffYx7sECBAgMJmA4Ns0UF8mQIAAgdEEBN9oE3NeAgQIENgkIPg28fkygRBQESAwhoDgG2NOTkmAAAECOwkIvp0gXYYAAQIhoOpZQPD1PB1nI0CAAIHdBQTf7qQuSIAAAQI9CxwdfD1bOBsBAgQIJBAQfAmGrEUCBAgQCAHBFxaqowXcjwABAg0EBF8DdLckQIAAgXYCgq+dvTsTIBACKgKHCQi+w6jdiAABAgR6EBB8PUzBG…PwbbXwfQIECBBIICD4EgxZiwQIECAQAoIvLFQzCeiFAAECPwgIvh9gvEyAAAECcwoIvjnnqisCBEJAReCLgOD7wuEfCBAgQGB2AcE3+4T1R4AAAQIhcKsE3w3BHwECBAjkERB8eWatUwIECBC4CQi+G4K/vwIeBAgQyCEg+HLMWZcECBAg8E9A8P2D8ESAQAioCMwsIPhmnq7eCBAgQOCbgOD7RuIFAgQIEAiB+SrBN99MdUSAAAECDwQE3wMcbxEgQIDAfAKCb/1MfZMAAQIEBhQQfAMOzZEJECBAYL2A4Ftv55sEQkBFgMAwAoJvmFE5KAECBAjsISD49lB0DQIECISAqnMBwdf5gByPAAECBPYVEHz7eroaAQIECHQucGjwdW7heAQIECCQQEDwJRiyFgkQIEAgBJbL+XT1YHD8DjBnbgfswLE7UKLPL74i4ZkAAQIEUgj8DwAA//9MG5N1AAAABklEQVQDAIitorr4qr9wAAAAAElFTkSuQmCC’ violates the following Content Security Policy directive: “img-src ‘self’ https://*.siemens.com/ *.walkme.com S3.walkmeusercontent.com D3sbxpiag177w8.cloudfront.net”. The policy is report-only, so the violation has been logged but no further action has been taken.
Hello @RichaArora,
Thank you for the details.
In older versions of DHTMLX Gantt (including 7.1.2), some UI icons are embedded directly into the CSS as data:image/... (base64). This was done intentionally so that Gantt works when only the JS and CSS files are deployed, without requiring additional image assets.
Because data: URLs are treated as image sources by the browser, a strict policy like img-src ‘self’ will report/block these images unless data: is allowed.
Alternatively, you may consider upgrading to a newer version. Starting from v9.0, we replaced most icon images with a web font, which significantly reduces CSP img-src issues related to embedded images.
Best regards,
Valeria Ivashkevich
DHTMLX Support Engineer