Sales have been sparse to say the least, so I loaded up my cart into chrome developer tools and tried to carry out a transaction.
I got to Checkout, I pressed the PayPal button to pay as if I was a customer, then in red text it said:
"Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-k15+INCZVg7o7jaoAKYAjzuRwDX5d1znyJLdU7cD/IJugOJ4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
shoppingcart:165 GET https://www.paypalobjects.com/web/res/689/e540cd0d97b734a7f5b21784b8fb7/css/styles.css net::ERR_ABORTED 404"
Apparently the button violates a security somewhere along the line, here's the explanation:
"Content Security Policy blocks inline execution of scripts and stylesheets"
Has anyone suffered similarly?
What is an inline execution? It sounds pretty grim.
I'd be really grateful if someone has encountered this fault and if they cured it?
Steve
