recaptcha_v3 causing Content Security Policy: Ignoring “'unsafe-inline'”
yoshie902a opened this issue · comments
When placing recaptcha_tags or recaptcha_v3 in my view, I now get a ton of console warnings that did not previously exist...
21:56:10.619 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:10.619 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:10.619 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:10.628 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:10.628 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:10.628 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:10.642 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:10.642 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:10.642 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:10.655 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:10.655 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:10.655 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:10.659 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:10.659 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:10.659 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:10.674 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:10.674 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:10.674 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:10.691 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:10.691 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:10.691 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:10.746 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:10.746 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:10.746 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:12.516 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:12.516 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:12.516 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:12.516 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:12.516 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:12.516 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:12.712 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:12.712 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:12.712 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
etc.
any idea how to fix that ?
…On Fri, Feb 26, 2021 at 8:03 PM yoshie902a ***@***.***> wrote:
When placing recaptcha_v3 in my view, I now get a ton of console warnings
that did not previously exist...
21:56:10.619 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:10.619 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:10.619 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:10.628 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:10.628 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:10.628 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:10.642 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:10.642 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:10.642 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:10.655 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:10.655 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:10.655 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:10.659 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:10.659 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:10.659 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:10.674 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:10.674 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:10.674 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:10.691 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:10.691 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:10.691 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:10.746 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:10.746 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:10.746 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:12.516 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:12.516 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:12.516 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:12.516 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:12.516 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:12.516 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
21:56:12.712 Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
21:56:12.712 Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
21:56:12.712 Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
etc.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#386>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAACYZYH7VRCDZQ6LYYE2J3TBBVKTANCNFSM4YJQPHGA>
.
No, I wish I did, otherwise I would create a PR for it.