Menu
Feedback
Start here
Tutorials
Developer portal
Known Issues
Support Rules
Troubleshooting
Frequently Asked Questions
Announcements
Known issues
Console error [Report Only] - Refused to apply inline style because it violates the following Content Security
Console error [Report Only] - Refused to apply inline style because it violates the following Content Security
ID: 1017370
Backlog
Published on 4/16/2024
Last update on 4/16/2024

Summary

We have some logs in the console reporting script blocks due to restrictions via the CSP header. The inline style calls to the host io2.vtex.com have this blocking log because it is not released in the CSP of the previous host, thus generating error messages in the console.

[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' https://io.vtex.com.br https://.vtex.com.br https://.vtexpayments.com.br https://.myvtex.com https://.vtexcommercestable.com.br https://.vtexcommercebeta.com.br https://.vteximg.com.br https://*.vtexassets.com 'report-sample'". Either the 'unsafe-inline' keyword, a hash ('sha256-AdqydPwVZwz4OteEhuvEEzsFBDTM/J6q0/ZlIWf9Wr4='), or a nonce ('nonce-...') is required to enable inline execution.

Simulation

  1. Go to store checkout;
  2. Open the console and check the report messages;

Workaround

N/A

Contributors
2
Photo of the contributor
Photo of the contributor
+ 2 contributors
Contributors
2
Photo of the contributor
Photo of the contributor
+ 2 contributors
On this page
Still got questions?
Ask the community
Find solutions and share ideas in the VTEX community.
Join our community
Request support from VTEX
For personalized assistance, contact our experts.
Open a support ticket
GithubDeveloper portalCommunityFeedback