Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Why does Firefox block loading of a resource at inline (“script-src”).

  • No replies
  • 1 has this problem
  • 4 views
more options

I have content security policy headers defined for my site. However, I have nothing defined for script-src. When I load a certain page from my site in Firefox 76.0 I see the following messages in the console:

Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). 8 utils.js:35:9 Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). 2 gps.js:231:11 Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). 4 utils.js:35:9 Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). gps.js:231:11 Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). 3 utils.js:35:9

When I load the same page in Chromium, I see no such messages in the console.

Furthermore, there are no utils.js and gps.js scripts in the source of the loaded page. Finally, I see no problems with the display or the functionality of the page. Clearing all the cookies and the caches (local and server) has no impact on this issue. There are many other javascripts on the page, both inline and not, which do not appear to be affected but the existing settings.

So, my questions: 1) Why do these messages appear? 2) Is this an issue that I need to fix or can I safely ignore it? 3) what do the numbers after the script names mean? (gps.js:231:11 utils.js:35:9)

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.