Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Content security policy is not allowing page to be loaded
See original GitHub issue- Cypress Version: 2.1.0
Normally we are able to strip content security policies, but there is something about this url that is causing this to error.
it('example', () => {
cy.visit('https://login.yahoo.com/config/login?.src=flickrsignin&.pc=8190&.scrumb=0&.pd=c%3DH6T9XcS72e4mRnW3NpTAiU8ZkA--&.intl=in&.lang=en&.done=https%3A%2F%2Flogin.yahoo.com%2Fconfig%2Fvalidate%3F.src%3Dflickrsignin%26.pc%3D8190%26.scrumb%3D0%26.pd%3Dc%253DJvVF95K62e6PzdPu7MBv2V8-%26.intl%3Din%26.done%3Dhttp%253A%252F%252Fwww.flickr.com%252Fsignin%252Fyahoo%252F%253Fredir%253Dhttp%25253A%25252F%25252Fwww.flickr.com%25252F')
})
Error displayed:
Refused to execute inline script because it violates the following Content Security Policy
directive: "script-src 'self' 'unsafe-eval' ....Either the 'unsafe-inline' keyword,
a hash ('...'), or a nonce ('nonce-...') is required to enable inline execution.
Issue Analytics
- State:
- Created 5 years ago
- Reactions:2
- Comments:7 (3 by maintainers)
Top Results From Across the Web
The page's settings blocked the loading of a resource - Stack ...
A now deleted answer is correct. One reason for "Content Security Policy: The page's settings blocked the loading of a resource" is if ......
Read more >The page's settings blocked the loading of a resource: xyz ...
The warning "Content Security Policy: The page's settings blocked the loading of a resource: xyz" occurs when the page's CSP configuration ...
Read more >blocked:csp Understanding why CSP blocks resources
Content Security Policy: The page's settings blocked the loading of a resource at https://images.example.com/logo.png (“default-src”). So if we wanted to load ...
Read more >How to Set Up a Content Security Policy (CSP) in 3 Steps
A content security policy will prevent most script-injection attacks from occurring because it can be set up to limit JavaScript to loading only ......
Read more >Reportviewer was not able to load data when enabled ...
Hi @LiShiQuanNCS-8649,. After the content security policy is enabled. Browsers examine the sources of pages and determine whether they meet the ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Is there a workaround for this in the meantime?
@benpolinsky This error actually looks a bit different and is related to this issue: https://github.com/cypress-io/cypress/issues/3459