Refused to send form data to 'https://example.com/customer/account/logout/'
because it violates the following Content Security Policy directive: "form-action
'self' secure.authorize.net test.authorize.net pilot-payflowlink.paypal.com
www.paypal.com www.sandbox.paypal.com *.facebook.com ".
I really don’t understand that I have added ‘https://example.com/’ into csp_whitelist by form-action. But it still does not work.