fixed csp for local

src/Services/Identity/Identity.API/Startup.cs

@@ -121,10 +121,10 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API
 
             app.UseStaticFiles();
 
-            // Make work identity server redirections in Edge and lastest versions of browsers. WARN: Not valid in a production environment.
+            // TODO Make work identity server redirections in Edge and lastest versions of browsers. WARN: Not valid in a production environment.
             app.Use(async (context, next) =>
             {
-                context.Response.Headers.Add("Content-Security-Policy", "script-src 'unsafe-inline'");
+                context.Response.Headers.Add("Content-Security-Policy", "script-src 'self' http://host.docker.internal:5105; script-src-elem 'self' http://host.docker.internal:5105");
                 await next();
             });
 

src/Services/Identity/Identity.API/Views/Shared/_Layout-SPA.cshtml

@@ -3,7 +3,6 @@
 <head>
     <meta charset="utf-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta http-equiv="Content-Security-Policy" content="script-src 'unsafe-inline'; script-src-elem 'unsafe-inline'">
     <title>eShopOnContainers - Identity</title>
     <link rel="icon" type="image/x-icon" href="~/favicon.ico" />
     <link rel="shortcut icon" type="image/x-icon" href="~/favicon.ico" />

src/Services/Identity/Identity.API/Views/Shared/_Layout.cshtml

@@ -3,7 +3,6 @@
 <head>
     <meta charset="utf-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta http-equiv="Content-Security-Policy" content="script-src 'unsafe-inline'; script-src-elem 'unsafe-inline'">
     <title>eShopOnContainers Identity</title>
     <link rel="icon" type="image/x-icon" href="~/favicon.ico" />
     <link rel="shortcut icon" type="image/x-icon" href="~/favicon.ico" />

src/Services/Identity/Identity.API/Views/Shared/_ValidationScriptsPartial.cshtml

@@ -1,10 +1,10 @@
 <environment names="Development">
-    <script src="~/lib/jquery-validation/dist/jquery.validate.js"></script>
+    <script src="~/lib/jquery-validate/jquery.validate.js"></script>
     <script src="~/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.js"></script>
 </environment>
 <environment names="Staging,Production">
     <script src="https://ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/jquery.validate.min.js"
-            asp-fallback-src="~/lib/jquery-validation/dist/jquery.validate.min.js"
+            asp-fallback-src="~/lib/jquery-validate/jquery.validate.min.js"
             asp-fallback-test="window.jQuery && window.jQuery.validator">
     </script>
     <script src="https://ajax.aspnetcdn.com/ajax/jquery.validation.unobtrusive/3.2.6/jquery.validate.unobtrusive.min.js"

src/Services/Identity/Identity.API/wwwroot/_references.js

@@ -1,6 +1,6 @@
 /// <autosync enabled="true" />
 /// <reference path="js/site.js" />
 /// <reference path="lib/bootstrap/dist/js/bootstrap.js" />
-/// <reference path="lib/jquery/dist/jquery.js" />
-/// <reference path="lib/jquery-validation/dist/jquery.validate.js" />
+/// <reference path="lib/jquery/jquery.js" />
+/// <reference path="lib/jquery-validate/jquery.validate.js" />
 /// <reference path="lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.js" />