Community portal: Difference between revisions
From WikiOasis Meta
More actions
No edit summary |
|||
| Line 617: | Line 617: | ||
:<code>Loading the script 'https://js.sentry-cdn.com/8d12d310c7d40b6b4d8c8989e36a7b5a.min.js' violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.wikioasis.org https://*.newrelic.com https://*.wikimedia.org https://*.wikipedia.org https://*.cloudflareinsights.com https://hcaptcha.com https://*.hcaptcha.com https://*.miraheze.org https://*.googletagmanager.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. The action has been blocked.</code> [[User:ExcaliburVance-Force|ExcaliburVance-Force]] ([[User talk:ExcaliburVance-Force|talk]]) 02:08, 24 April 2026 (UTC) | :<code>Loading the script 'https://js.sentry-cdn.com/8d12d310c7d40b6b4d8c8989e36a7b5a.min.js' violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.wikioasis.org https://*.newrelic.com https://*.wikimedia.org https://*.wikipedia.org https://*.cloudflareinsights.com https://hcaptcha.com https://*.hcaptcha.com https://*.miraheze.org https://*.googletagmanager.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. The action has been blocked.</code> [[User:ExcaliburVance-Force|ExcaliburVance-Force]] ([[User talk:ExcaliburVance-Force|talk]]) 02:08, 24 April 2026 (UTC) | ||
== On CSP limitations: == | |||
Could we allowlist www.mediawiki.org and cdn.jsdelivr.net in the CSP configuration? I'm trying to load some common JS tools but they are currently being blocked by the security policy. [[User:PandaFiredoge|PandaFiredoge]] ([[User talk:PandaFiredoge|talk]]) 11:12, 23 April 2026 (UTC) | |||