@pixeldrift wrote:
So I’m finally getting an accurate report of the actual error the ad service is getting:
Refused to load the script ‘http://tumult.com/hype/runtime/HYPE-578.thin.min.js’ because it violates the following Content Security Policy directive: “script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com ‘unsafe-eval’ ‘unsafe-inline’ https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/”.
Does that mean they are blocking all external links to prevent potential cross-site scripting attacks? Or is there a different way I should be doing this?
Posts: 9
Participants: 4