Warning: A cookie associated with a cross-site resource…

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Author Takayuki Miyoshi

    (@takayukister)

    4 years, 6 months ago

    Where can we see the website?

    Thread Starter Oleg Meglin

    (@omeglin)

    4 years, 6 months ago

    Sure. Pretty much every WordPress with installed Contact Form 7 and activated Google reCAPTCHA. I’ve just created a fresh installation for better understanding:
    https://demo.megl.in

    The above page is a complete fresh installation without any other plugins installed.

    Additionally, I tested it in other browsers. With the following result:

    Firefox (v69.0.2)
    Content Security Policy: Ignorieren von “‘unsafe-inline'” innerhalb script-src: ‘strict-dynamic’ angegeben
    Content Security Policy: Ignorieren von “https:” innerhalb script-src: ‘strict-dynamic’ angegeben
    Content Security Policy: Ignorieren von “http:” innerhalb script-src: ‘strict-dynamic’ angegeben
    Content Security Policy: Ignorieren von “‘unsafe-inline'” innerhalb script-src: ‘strict-dynamic’ angegeben
    Content Security Policy: Ignorieren von “https:” innerhalb script-src: ‘strict-dynamic’ angegeben
    Content Security Policy: Ignorieren von “http:” innerhalb script-src: ‘strict-dynamic’ angegeben
    Content Security Policy: Ignorieren von “‘unsafe-inline'” innerhalb script-src: ‘strict-dynamic’ angegeben
    Content Security Policy: Ignorieren von “https:” innerhalb script-src: ‘strict-dynamic’ angegeben
    Content Security Policy: Ignorieren von “http:” innerhalb script-src: ‘strict-dynamic’ angegeben

    Safari (v12.1.2)
    [Error] The source list for Content Security Policy directive ‘script-src’ contains an invalid source: ”strict-dynamic”. It will be ignored.
    [Error] The source list for Content Security Policy directive ‘script-src’ contains an invalid source: ”strict-dynamic”. It will be ignored. (x2)

    Obviously, the problem should be the Google ReCAPTCHA script. Any suggestions for a workaround?

    diamondrcreative

    (@diamondrcreative)

    4 years, 6 months ago

    Having same issue. https://diamondrcreative.com/

    joelramirezleal

    (@joelramirezleal)

    4 years, 5 months ago

    Me sucede lo mismo

    adavenue2015

    (@adavenue2015)

    4 years, 5 months ago

    I have the same issue, it been over a month; any update?

    gadeas

    (@gadeas)

    3 years, 12 months ago

    Hello,

    Any news on this? Chrome v80 is already out and there’s no fix for this yet?
    https://www.chromium.org/updates/same-site

    Thread Starter Oleg Meglin

    (@omeglin)

    3 years, 10 months ago

    Hi guys,

    I don’t have a solution, but I have a workaround to reduce the warning only to the pages with a contact form:

    
/**
 * Removes the CF7 scripts if the shortcode is not on the page
 */
function mm_deregister_cf7_scripts() {
    if (class_exists('WPCF7')) {
        global $wp_query;
        $content = '';

        if ($wp_query->post) :
            $content = $wp_query->post->post_content;
        endif;

        if (!has_shortcode($content, 'contact-form-7')) {
            wp_deregister_script('google-recaptcha');
            wp_deregister_script('contact-form-7');
        }
    }
}

add_action('wp_enqueue_scripts', 'mm_deregister_cf7_scripts');

    This workaround also has the additional advantage that the CF7 JavaScript is not loaded unnecessarily.

    • This reply was modified 3 years, 10 months ago by Oleg Meglin.
Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Warning: A cookie associated with a cross-site resource…’ is closed to new replies.