Impossibile far funzionare il tag script nel plugin delle landing page a causa di content-security-policy

inline js script tag isn’t being loaded due to csp and idk how to fix it.

There’s some information in this post that may help: Mitigate XSS Attacks with Content Security Policy

I’ve read through that and others but cannot piece together how to actually add the exception to the content_security_policy_script_src

Do you see an error concerning the script in your browser console? something like this?

A red error message in a web browser details a security policy violation preventing inline script execution, referencing directives and required keywords like 'unsafe-inline' or a nonce for enabling the script. (Captioned by AI)1280×132 27.9 KB

You’ll want to add that provided hash ('sha256-xxxxx') to the “content security policy script src” setting found in admin > all site settings

The error I was getting had nonce-s0m3h4sh in Firefox browser I wasn’t getting the sha256-s0m3h4sh. But when I just now looked in chrome it was the sha256 one. I suppose that was causing most of my confusion

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.