Sometimes you may see some Content Security Policy reports in the console, but don’t know where they coming from. Here are the examples:

Refused to load the script 'https://www.pagespeed-mod.com/v1/taas?id=cs&ak=32b001198a46647f164402ebaec7a88c&si=d07acaa3a5ff4a4f99b12b98acafe347&tag=1005&rand=KnrmIY4tBAkBREOs1UqShwYntmoI22du&ord=4533030624845573' because it violates the following Content Security Policy directive: "script-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Refused to load the script 'https://www.google-analytics.com/analytics.js' because it violates the following Content Security Policy directive: "script-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-34B604LFFQ' because it violates the following Content Security Policy directive: "script-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

The above reports come from the Chrome extension called Foxified.

How do we find who’s the owner

Following steps can help:

  • Disable all browser extensions and reload the page. If the issue disappeared then it’s all about one of your installed browser extensions.
  • Try incognito mode to check the difference.

Comments

You can leave a response, or trackback from your own site.

Before you add comment see for rules.

Leave a Reply

Your email address will not be published. Required fields are marked *

1t2p7a