Logging in with Sandbox account fails silently, appears to CSP failure in chrome

oldboysmith
Contributor
Contributor
Posted on
‎Apr-08-2023 10:27 AM

I have a subscribe button, that works fine with live, but when I use my personal sandbox account the PayPal javascript causes this error:

"Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'nonce-...' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 

 

The lines in question appear to be these:

 

<script src="https://www.paypalobjects.com/web/res/6c9/f8e157a9463713ebc4806df66bb2b/js/framework.js" onload="scriptload('framework', event)" crossorigin="anonymous"></script>

<script src="https://www.paypalobjects.com/web/res/6c9/f8e157a9463713ebc4806df66bb2b/js/config.js" onload="scriptload('config', event)" onerror="scripterror(event)"></script>
<script src="https://www.paypalobjects.com/web/res/6c9/f8e157a9463713ebc4806df66bb2b/js/main.js" onload="scriptload('main', event)" crossorigin="anonymous"></script>

 

 

The onload seems to violate chrome's CSP

 

Login to Me Too
0 Kudos
Login to Reply or Kudo
1 REPLY 1

oldboysmith
Contributor
Contributor
‎Apr-09-2023 03:05 AM

On further investigation they are not related, it just seems not to be recognising my sandbox account

Login to Me Too
0 Kudos
Login to Reply or Kudo

Haven't Found your Answer?

It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.