Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Wannan tattunawa ta zama daɗaɗɗiya. Yi sabuwar tambaya idan ka na bukatar taimako.

Why does Firefox block loading of a resource at inline (“script-src”).

  • Babu amsoshi
  • 1 yana da wannan matsala
  • 7 views
Ambyo
Ambyo
more options

I have content security policy headers defined for my site. However, I have nothing defined for script-src. When I load a certain page from my site in Firefox 76.0 I see the following messages in the console:

Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). 8 utils.js:35:9 Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). 2 gps.js:231:11 Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). 4 utils.js:35:9 Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). gps.js:231:11 Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). 3 utils.js:35:9

When I load the same page in Chromium, I see no such messages in the console.

Furthermore, there are no utils.js and gps.js scripts in the source of the loaded page. Finally, I see no problems with the display or the functionality of the page. Clearing all the cookies and the caches (local and server) has no impact on this issue. There are many other javascripts on the page, both inline and not, which do not appear to be affected but the existing settings.

So, my questions: 1) Why do these messages appear? 2) Is this an issue that I need to fix or can I safely ignore it? 3) what do the numbers after the script names mean? (gps.js:231:11 utils.js:35:9)

I have content security policy headers defined for my site. However, I have nothing defined for script-src. When I load a certain page from my site in Firefox 76.0 I see the following messages in the console: Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). 8 utils.js:35:9 Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). 2 gps.js:231:11 Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). 4 utils.js:35:9 Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). gps.js:231:11 Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). 3 utils.js:35:9 When I load the same page in Chromium, I see no such messages in the console. Furthermore, there are no utils.js and gps.js scripts in the source of the loaded page. Finally, I see no problems with the display or the functionality of the page. Clearing all the cookies and the caches (local and server) has no impact on this issue. There are many other javascripts on the page, both inline and not, which do not appear to be affected but the existing settings. So, my questions: 1) Why do these messages appear? 2) Is this an issue that I need to fix or can I safely ignore it? 3) what do the numbers after the script names mean? (gps.js:231:11 utils.js:35:9)