You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Safari bug, The source list for Content Security Policy directive 'script-src' contains an invalid source: ''strict-dynamic''. It will be ignored. 4
#23
Closed
arelaxend opened this issue
Sep 19, 2018
· 3 comments
And now, I am still getting the following error... unbelievable
Refused to load https://www.google.com/recaptcha/api2/anchor?ar=1&k=***=fr&v=v1536705955372&size=invisible&badge=inline&cb=*** because it does not appear in the frame-src directive of the Content Security Policy.
Ok, I found that is might or might not be relevant.
In their demo, https://www.google.com/recaptcha/api2/demo?invisible=true
They put a nonce for the script, and content-security-policy: script-src 'report-sample' 'nonce-zPUGd9Hi6LE/jcyMULaEIKJTCDU' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
Dear contributors,
The source list for Content Security Policy directive 'script-src' contains an invalid source: ''strict-dynamic''. It will be ignored.
The bug appears in the "demo" link of the page.
On Safari Version 12.0 (13606.2.11)
A.
Edit: reference here google/google-api-javascript-client#397
The text was updated successfully, but these errors were encountered: