I’m seeing the following in the script console:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://forum.level1techs.com/logs/ https://forum.level1techs.com/sidekiq/ https://forum.level1techs.com/mini-profiler-resources/ https://forum.level1techs.com/assets/ https://forum.level1techs.com/brotli_asset/ https://forum.level1techs.com/extra-locales/ https://forum.level1techs.com/highlight-js/ https://forum.level1techs.com/javascripts/ https://forum.level1techs.com/plugins/ https://forum.level1techs.com/theme-javascripts/ https://forum.level1techs.com/svg-sprite/ 'sha256-hzxbmvze6p3mvhdzlfai9cumlh+qwx6bnt3qtwnpatg='". Either the 'unsafe-inline' keyword, a hash ('sha256-HZxBMVZe6P3MvHDZlFai9cUmLH+qwX6BNT3qTwNPATg='), or a nonce ('nonce-...') is required to enable inline execution.
If I switch to incognito this error is not present.
I’m on Fedora 37 using Chrome Version 108.0.5359.124 (Official Build) (64-bit)
Here’s a screenshot of the code in question:
FWIW, I also have the exact same issue with HAProxy’s discourse as well.
Brave browser or ?
Theres a bugged regex in brave rn, not us/on our end.
Oh, you said chrome. Interesting. I should look closer, but this is the same block of code brave choked on
1 Like
It’s also worth noting, i just upgraded to the latest (109.0.5414.119-1) from the official google-chrome rpm repo: baseurl=https://dl.google.com/linux/chrome/rpm/stable/x86_64
And I’m still seeing the issue.
That said, I did just try the latest beta build (110.0.5481.52-1) and that one does seem to be fixed. That may temper your Friday night response (if any) to this.
1 Like
So, I found the issue with my browser. It was an extension. Something like Auto Youtube Quality (because, for some reason, youtube thinks that I wanna watch 480p, even though I pay for premium). Disabled it and all is good in the world.
Explains why stable builds were broken, but beta worked just fine. Because that extension wasnt installed in beta.
The plugin didnt even work consistently, so good riddance.
1 Like
Any other issues on other sites? It is baffling to me that this would have only affect Level1’s forum. Were there any other Discourse forums that you visited while you were experiencing this problem? Did they work without issue?
Yeah, as mentioned, I saw it on HAProxy’s forum. I’m not sure how long that plugin was having that affect, but I was troubleshooting HAProxy’s K8s ingress controller 2 weeks ago, and that was the first time I’d seen a site completely unresponsive and not start working after pausing my ad blocker(s).
I’ve seen this happen a few times with adblockers, so that’s always my knee-jerk reaction, just disable adblock and the site usually works like normal again.
I didn’t report it on HAProxy’s forum because I’ve never really been an active member there, even though i’ve forked their code base a few times in my past, but here, since i’ve been an active member, and I know wendell goes out of his way to make sure the forum experience is as good as it can be, I reported it.
The way the error was presented didn’t APPEAR to be a plugin issue, but the fact that I was able to reproduce it at will by just toggling the plugin, seems to be the smoking gun.
Apologies for the failure in reading comprehension; you did clearly state that in your post.
Strange, since discourse.haproxy.org. is as innocuous a domain as forum.level1techs.org.; maybe the add on is active for all domains, not just youtube.com. and youtube-nocookie.com.?
That would be rather reckless.
indeed. that realization caused me to uninstall it immediately.