Title: Turnstile Console Error Tornado!
Last modified: May 16, 2026

---

# Turnstile Console Error Tornado!

 *  Resolved [meatsgood](https://wordpress.org/support/users/meatsgood/)
 * (@meatsgood)
 * [1 month ago](https://wordpress.org/support/topic/turnstile-console-error-tornado/)
 * I have used CF7 successfully for years on many sites. I changed from Google ReCaptcha
   to Cloudflare Turnstile when Google started getting pushy. Recently, I have discovered
   that all of my client sites that use CF7 and Turnstile produce an ERROR cascade
   in the console. It happens with the native integration panel as well as with 
   the Simple Turnstile Plugin. It happens on every site that uses CF7 and Turnstile
   together. I happens on two different hosting platforms and all browsers. It does
   NOT happen when I use Turnstile with WPForms. It does NOT happen when I use a
   Bricks form with Turnstile. My CF7 forms seem to be working, but I literally 
   get hundreds of errors (and warnings) that makes my console useless. Has anyone
   else seen this? It appears to be easily reproducible. I should mention, that 
   if I replace Turnstile integration with Google ReCaptcha integration, all errors
   go away. I really want to use Turnstile. It appears that maybe this is simply
   a matter of error handling in the CF7 plugin. Is that possible?

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [Web1776](https://wordpress.org/support/users/commareus/)
 * (@commareus)
 * [4 weeks ago](https://wordpress.org/support/topic/turnstile-console-error-tornado/#post-18912757)
 * I’m seeing the same on multiple sites.
 *     ```wp-block-code
       JQMIGRATE: Migrate is installed, version 3.4.1normal?lang=auto:1 normal?lang=auto:1 [Violation] Permissions policy violation: xr-spatial-tracking is not allowed in this document.Jo @ normal?lang=auto:1Understand this errornormal?lang=auto:1 [Violation] Permissions policy violation: xr-spatial-tracking is not allowed in this document.Jo @ normal?lang=auto:1Understand this errornormal?lang=auto:1 Request for the Private Access Token challenge.normal?lang=auto:1 Failed to parse audio contentType: audio/mp4; codecs=ac-3Jo @ normal?lang=auto:1Understand this warningnormal?lang=auto:1 Failed to parse audio contentType: audio/mp4; codecs=ec-3Jo @ normal?lang=auto:1Understand this warningnormal?lang=auto:1 Invalid (ambiguous) video codec string: video/webm; codecs=vp9Jo @ normal?lang=auto:1Understand this warningnormal?lang=auto:1 Failed to parse video contentType: video/ogg; codecs=theoraJo @ normal?lang=auto:1Understand this warningnormal?lang=auto:1 Form submission canceled because the form is not connectedJo @ normal?lang=auto:1Understand this warningnormal?lang=auto:1 This document requires 'TrustedHTML' assignment. The action has been blocked.Jm @ normal?lang=auto:1Understand this errornormal?lang=auto:1 This document requires 'TrustedHTML' assignment. The action has been blocked.Jm @ normal?lang=auto:1Understand this errornormal?lang=auto:1 This document requires 'TrustedScript' assignment. The action has been blocked.Jo @ normal?lang=auto:1Understand this errornormal?lang=auto:1 This document requires 'TrustedScript' assignment. The action has been blocked.Jo @ normal?lang=auto:1Understand this errornormal?lang=auto:1 This document requires 'TrustedScriptURL' assignment. The action has been blocked.Jm @ normal?lang=auto:1Understand this errornormal?lang=auto:1 This document requires 'TrustedScriptURL' assignment. The action has been blocked.Jm @ normal?lang=auto:1Understand this errorabout:srcdoc:1 Executing inline script violates the following Content Security Policy directive 'script-src 'nonce-AvnBZ6e8SNQ00MbBM3oiSH' 'unsafe-eval''. Either the 'unsafe-inline' keyword, a hash ('sha256-eJGI0Ik4oYe/PKLDOt4wcN76wYs8h+Ew05pMzdY6xG8='), or a nonce ('nonce-...') is required to enable inline execution. The action has been blocked.Understand this errorabout:srcdoc:1 Executing inline script violates the following Content Security Policy directive 'script-src 'nonce-AvnBZ6e8SNQ00MbBM3oiSH' 'unsafe-eval''. Either the 'unsafe-inline' keyword, a hash ('sha256-eJGI0Ik4oYe/PKLDOt4wcN76wYs8h+Ew05pMzdY6xG8='), or a nonce ('nonce-...') is required to enable inline execution. The action has been blocked.Understand this errornormal?lang=auto:1 This document requires 'TrustedScript' assignment. The action has been blocked.Jo @ normal?lang=auto:1Understand this errornormal?lang=auto:1 This document requires 'TrustedScript' assignment. The action has been blocked.Jo @ normal?lang=auto:1Understand this errornormal?lang=auto:1 The resource https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate as value and it is preloaded intentionally.Understand this warningnormal?lang=auto:1 The resource https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate as value and it is preloaded intentionally.
       ```
   
 *  Thread Starter [meatsgood](https://wordpress.org/support/users/meatsgood/)
 * (@meatsgood)
 * [4 weeks ago](https://wordpress.org/support/topic/turnstile-console-error-tornado/#post-18912764)
 * Yes, my impression at this point is that this is normal operation for Turnstile.
   See my post on the WordPress subReddit. My last comment links to the Cloudflare
   login page, which uses Turnstile. Wouldn’t you know it, error tornado happens
   there as well. Some people have suggested that this is a byproduct of their validation
   process, which essentially is trying to throw errors to prove you are a real 
   user on a real browser. Weirdly, they (Cloudflare) don’t seem to answer the multitude
   of posts on this topic in their own forum. Here’s the link: [https://www.reddit.com/r/Wordpress/comments/1tfyhtf/comment/ommm4xn/?context=1](https://www.reddit.com/r/Wordpress/comments/1tfyhtf/comment/ommm4xn/?context=1).
   It is curious to me that I don’t see the error tornado on sites that use WPForms,
   even when I use Turnstile on them. Perhaps there is a way to muffle that output,
   but only WPForms employs it?

Viewing 2 replies - 1 through 2 (of 2 total)

You must be [logged in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fturnstile-console-error-tornado%2F%3Foutput_format%3Dmd&locale=en_US)
to reply to this topic.

 * ![](https://ps.w.org/contact-form-7/assets/icon.svg?rev=2339255)
 * [Contact Form 7](https://wordpress.org/plugins/contact-form-7/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/contact-form-7/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/contact-form-7/)
 * [Active Topics](https://wordpress.org/support/plugin/contact-form-7/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/contact-form-7/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/contact-form-7/reviews/)

## Tags

 * [reCAPTCHA](https://wordpress.org/support/topic-tag/recaptcha/)

 * 2 replies
 * 2 participants
 * Last reply from: [meatsgood](https://wordpress.org/support/users/meatsgood/)
 * Last activity: [4 weeks ago](https://wordpress.org/support/topic/turnstile-console-error-tornado/#post-18912764)
 * Status: resolved