Wordpress-seo: Problem with Content Security Policy directive: "worker-src 'none'" and wp-seo-analysis-worker-810.min.js
- [x] I've searched for any related issues and avoided creating a duplicate issue.
Please give us a description of what happened.
I get this reports when I edit a post and yoast plugin is active:
Chrome:
[Report Only] Refused to create a worker from 'http://example.test/wp-content/plugins/wordpress-seo/js/dist/wp-seo-analysis-worker-810.min.js' because it violates the following Content Security Policy directive: "worker-src 'none'".
Firefox:
Content Security Policy: Die Bericht-URI (about:blank) sollte eine HTTP- oder HTTPS-URI sein.
Content Security Policy: Die Einstellungen der Seite haben das Laden einer Ressource auf http://example.test/wp-content/plugins/wordpress-seo/js/dist/wp-seo-analysis-worker-810.min.js festgestellt ("worker-src"). Ein CSP-Bericht wird gesendet.
Please describe what you expected to happen and why.
Is this a bug or can I ignore this message? Local issue only?
- Technical info
XAMPP with local environment
WordPress: 4.9.8
YOAST: 8.1
PHP: 7.2
Which editor is affected
[x] Classic Editor
Which browser is affected (or browsers):
- [x] Chrome
[x] Firefox
Tested with theme / plugins:
[x] Twenty Seventeen and no other plugins as yoast
GitHub-Mike
All 2 comments
You should be able to fix this by changing the worker-src directive to your own URL.
benvaassen
on 29 Aug 2018
It is a problem with uMatrix. It sets worker-src on 'none' and shows a report for all worker threads in the console.
See in uMatrix Thread on GitHub: Disabling filtering still applies CSP policy
GitHub-Mike
on 29 Aug 2018
Related issues
JoshuaPotter
路
4Comments
Chouby
路
4Comments
tholu
路
3Comments
stayallive
路
4Comments
moorscode
路
6Comments
Most helpful comment
It is a problem with uMatrix. It sets worker-src on 'none' and shows a report for all worker threads in the console.
See in uMatrix Thread on GitHub: Disabling filtering still applies CSP policy