Vyhľadajte odpoveď

Vyhnite sa podvodom s podporou. Nikdy vás nebudeme žiadať, aby ste zavolali alebo poslali SMS na telefónne číslo alebo zdieľali osobné informácie. Nahláste prosím podozrivú aktivitu použitím voľby “Nahlásiť zneužitie”.

Learn More

Content Security Policy blocking external script

  • 5 odpovedí
  • 0 má tento problém
  • 54 zobrazení
  • Posledná odpoveď od cor-el

more options

Hello,

I am experiencing an issue when accessing my website using Firefox on Mac.

The browser blocks the loading of an external Google Adsense script, logging the following error: "Content Security Policy: The page's settings blocked the loading of a resource". Here is an example URL:

https://www.varbes.com/

To my understanding, the site does not have a Content Security Policy ('CSP'). We don't send a CSP network header or in the HTML, so am at a bit of a loss as to how I debug this.

I don't see the same issue using Firefox on Windows, or with Chrome, Edge or Safari. I have performed a fresh install of Firefox on my Mac to make sure no extensions are causing the issue.

Other websites seem to be running the same AdSense code okay.

Any suggestions would be greatly appreciated.

Many thanks, Matt

Hello, I am experiencing an issue when accessing my website using Firefox on Mac. The browser blocks the loading of an external Google Adsense script, logging the following error: "Content Security Policy: The page's settings blocked the loading of a resource". Here is an example URL: https://www.varbes.com/ To my understanding, the site does not have a Content Security Policy ('CSP'). We don't send a CSP network header or in the HTML, so am at a bit of a loss as to how I debug this. I don't see the same issue using Firefox on Windows, or with Chrome, Edge or Safari. I have performed a fresh install of Firefox on my Mac to make sure no extensions are causing the issue. Other websites seem to be running the same AdSense code okay. Any suggestions would be greatly appreciated. Many thanks, Matt

Všetky odpovede (5)

more options

That data is probably blocked by ETP.

Firefox shows a purple shield instead of a gray shield at the left end of the location/address bar in case Enhanced Tracking Protection is blocking content.

  • click the shield icon for more detail and possibly disable the protection

You can check the Web Console for relevant-looking messages about blocked content.

Pomohla vám táto odpoveď?

more options

Hi cor-el,

Thanks for responding to my problem.

I have just tried the site with ETP turned off and am still seeing the scripts blocked on Firefox for Mac due to CSP violations - I don't see this on Firefox for Windows with ETP on or off.

I have attached a screenshot of the network and console log on Mac to show the difference. I have turned ETP off so the beacon tracking requests are allowed.

Many thanks, Matt

Pomohla vám táto odpoveď?

more options

For me that item is blocked by ETP and get a crossed shield with ETP disabled.

Pomohla vám táto odpoveď?

more options

The script doesn't look blocked in your latest screenshot - it is the third last item (120kb script from domain pagead2... with a file name 'show_ads_...'. This script is only blocked on Firefox for Mac browsers from my tests.

The request that is being blocked in your screenshot is a tracking request -- this is fine as it doesn't break the site functionality (but blocked the script does affect site functionality).

Thanks, Matt

Pomohla vám táto odpoveď?

more options

What I meant to show is that the two pagead2 you mention have the shield. I'm not sure why there is still one left as blocked by tracking when ETP is disabled via the shield. Firefox can replace some tracking related files by shimmed versions that have limited effect (i.e. they let the caller believe that it worked successful).

Pomohla vám táto odpoveď?

Položiť otázku

Ak chcete odpovedať na príspevky, musíte sa prihlásiť do svojho účtu. Ak ešte nemáte účet, položte novú otázku.