We’re currently trying to integrate the payment provider Steady – People-Powered Media into our discourse site. Unfortunately, I don’t get their javascript code past our content security policy. I whitelisted every domain I could find in the code, but still get this in the developer console:
Everything works as expected, when I deactivate the content security policy, so this was the best guess I could come up with. Thanks for the hint! Do you have a tip on how to solve this?