We have a problem in safari that does not load recaptcha. We found out that it's related to prevent cross site tracking setting on safari website tracking setting (image below):
Now we are looking for a solution to resolve this problem without forcing users to disable this setting.
This is what we get on safari:
and the console error on safari:
The source list for Content Security Policy directive 'script-src' contains an invalid source: ''strict-dynamic''. It will be ignored.
And the error only shows up when I load a subpage. Im getting this error and I donĀ“t know why
The source list for Content Security Policy directive 'script-src' contains an invalid source: ''strict-dynamic''. It will be ignored.
It's not an error, just a warning that you browser does not support the 'strict-dynamic' token. (guess you use Safari).
I guess that subpage is a some Google's iframe (oAuth2, reCaptcha, etc). That iframe publush it's own CSP wich contains the 'strict-dynamic' token and this CSP was created in browsers backward compatibility mode (Google make such).
Folks, I've been experiencing this problem for a long time, and none of the prior interventions did anything. However, this one is the culprit. For the time being, I've disabled this check-box, and the problem cleared.
Thank you.
Dick Charlotte
