Apollo Client and Content Security Policy


I am using the Apollo Client to query data from Strapi, our headless CMS.

My team added a metatag to our index.html header to prevent a Mixed Content warning that resulted in their gtags being blocked.

<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">

However, now, my Apollo Client is getting blocked as Apollo Client requests via HTTP (Advanced HTTP networking - Client (React) - Apollo GraphQL Docs). Is there any way to get my Apollo Client functional again?

const httpLink = new HttpLink({ uri: `${config.STRAPI_EC2_INSTANCE_IP}/graphql`, useGETForQueries: true })

const client = new ApolloClient({
    link: httpLink,
    cache: new InMemoryCache()


<ApolloProvider client={client}>

Can you clarify what you mean by “getting” blocked? Does this mean your server is blocking the incoming requests, Apollo Client is itself choking, or something else?

Hi. I get a net::ERR_CONNECTION_REFUSED error on my GraphQL GET request query. My Apollo Client is blocked from getting fetching a GET query (Queries - Client (React) - Apollo GraphQL Docs).

Console Tab

Network Tab