landing pages pluginでscript tagがcontent-security-policyのため機能しない

サポート
1

inline js script tag isn’t being loaded due to csp and idk how to fix it.

「いいね!」 2
2

There’s some information in this post that may help: Mitigate XSS Attacks with Content Security Policy

「いいね!」 1
3

I’ve read through that and others but cannot piece together how to actually add the exception to the content_security_policy_script_src

「いいね!」 1
4

Do you see an error concerning the script in your browser console? something like this?

A red error message in a web browser details a security policy violation preventing inline script execution, referencing directives and required keywords like 'unsafe-inline' or a nonce for enabling the script. (Captioned by AI)
A red error message in a web browser details a security policy violation preventing inline script execution, referencing directives and required keywords like 'unsafe-inline' or a nonce for enabling the script. (Captioned by AI)1280×132 27.9 KB

You’ll want to add that provided hash ('sha256-xxxxx') to the “content security policy script src” setting found in admin > all site settings

「いいね!」 1
5

The error I was getting had nonce-s0m3h4sh in Firefox browser I wasn’t getting the sha256-s0m3h4sh. But when I just now looked in chrome it was the sha256 one. I suppose that was causing most of my confusion

「いいね!」 2
6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.