Estou obtendo erro de CSP ao tentar adicionar um vídeo do VIMEO incorporado em um iframe.
HTML:
<div>
<iframe id="frame" [src]="this.sanitizer.bypassSecurityTrustResourceUrl('https://player.vimeo.com/video/ID-VIMEO')" width="100%"
height="200px;" frameborder="0" webkitallowfullscreen mozallowfullscreen allowfullscreen allow="autoplay; fullscreen"></iframe>
</div>
Já coloquei no index.html a metatag:
<meta http-equiv="Content-Security-Policy" content="default-src * gap:; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src *; img-src * data: blob: android-webview-video-poster:; style-src * 'unsafe-inline';">
config.xml
<allow-intent href="android-webview-video-poster:*" />
<allow-navigation href="*" />
Também testei o plugin ngx-embed-video como no repositório:
ngx-embed-video-example
Mesmo assim obtenho o erro:
Refused to load the image 'android-webview-video-poster:default_video_poster/***************’ because it violates the following Content Security Policy directive: "img-src ‘self’ data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://.ci.vimeows.com https://f.vimeocdn.com"
Alguém consegue me ajudar?