linuxfoundation / lfevents

For the Linux Foundation Events website events.linuxfoundation.org
MIT License

Content Security Policy errors in Safari #427

Closed thetwopct closed 4 years ago

thetwopct commented 4 years ago

I noticed there were some errors being thrown on LFE only in the Safari browser:

[Error] The source list for Content Security Policy directive 'script-src' contains an invalid source: ''strict-dynamic''. It will be ignored.
[Error] Refused to execute a script because its hash, its nonce, or 'unsafe-inline' does not appear in the script-src directive of the Content Security Policy. (anchor, line 0)
[Error] The source list for Content Security Policy directive 'script-src' contains an invalid source: ''strict-dynamic''. It will be ignored. (x8)

20200120111926-KubeCon + CloudNativeCon North America  Linux Foundation Events https://take.ms/s4XOr

Tested on this page https://events.linuxfoundation.org/kubecon-cloudnativecon-north-america/

Did a quick search, seems it's a Safari problem regarding CSP 3.0 compliance with reCAPTCHA.

I wonder if there is an easy way to test reCAPTCHA was working properly for Safari users, as from what I can see I don't think the script will work and therefore auto-reject or auto-approve messages for spam, neither of which is ideal.

cjyabraham commented 4 years ago

Thanks for pointing this out. I've done some testing in Safari today on this:

So it appears that it is working correctly despite these errors. I'll close but let me know if you have any further concerns.
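
Added example, not part of the original thread and not the project's code: a simplified model of `script-src` matching that compares a browser honouring `'strict-dynamic'` with one that ignores the keyword, as in the errors logged above. The policies, the nonce value, the `example.test` URL and all function names are constructed for illustration; the site's real header is not shown on this page.

```javascript
// Added example: simplified script-src matching. Hashes, 'self', ports and paths are omitted.
function parseScriptSrc(policy) {
  const dir = policy.split(';').map(d => d.trim())
    .find(d => d.split(/\s+/)[0].toLowerCase() === 'script-src');
  const sources = dir ? dir.split(/\s+/).slice(1) : [];
  const isScheme = s => /^[a-z][a-z0-9+.-]*:$/i.test(s);
  return {
    nonces: sources.filter(s => /^'nonce-.+'$/.test(s)).map(s => s.slice(7, -1)),
    strictDynamic: sources.includes("'strict-dynamic'"),
    unsafeInline: sources.includes("'unsafe-inline'"),
    schemes: sources.filter(isScheme).map(s => s.toLowerCase()),
    hosts: sources.filter(s => !s.startsWith("'") && !isScheme(s)),
  };
}

// Host-source match on scheme and hostname only, with "*.example.test" wildcards.
function hostMatches(expr, url) {
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?([^/:]+)/i.exec(expr);
  if (!m) return false;
  if (m[1] && m[1].toLowerCase() + ':' !== url.protocol) return false;
  const host = m[2].toLowerCase();
  return host.startsWith('*.') ? url.hostname.endsWith(host.slice(1)) : url.hostname === host;
}

// script: { src | inline, nonce, parserInserted }; browser: { supportsStrictDynamic }
function allows(policy, script, browser) {
  const p = parseScriptSrc(policy);
  // A browser that does not know 'strict-dynamic' drops the keyword, as in the logged error.
  const sd = p.strictDynamic && browser.supportsStrictDynamic;
  if (script.nonce && p.nonces.includes(script.nonce)) return true;
  // 'unsafe-inline' is ignored once a nonce (or an honoured 'strict-dynamic') is present.
  if (script.inline) return p.unsafeInline && p.nonces.length === 0 && !sd;
  // With 'strict-dynamic', allowlists are ignored and only script-created elements load.
  if (sd) return !script.parserInserted;
  const url = new URL(script.src);
  return p.schemes.includes(url.protocol) || p.hosts.some(h => hostMatches(h, url));
}

// Constructed policies and scripts (not taken from the site discussed above).
const STRICT_ONLY = "script-src 'nonce-r4nd0m' 'strict-dynamic'";
const WITH_FALLBACK = "default-src 'self'; script-src 'nonce-r4nd0m' 'strict-dynamic' https: 'unsafe-inline'";
const CSP3 = { supportsStrictDynamic: true };
const LEGACY = { supportsStrictDynamic: false };
const injected = { src: 'https://widget.example.test/api.js', parserInserted: false };

for (const [name, policy] of [['strict-only', STRICT_ONLY], ['with-fallback', WITH_FALLBACK]]) {
  console.log(name, 'injected script:', 'csp3 =', allows(policy, injected, CSP3),
    'legacy =', allows(policy, injected, LEGACY));
}
```

In the legacy profile the `https:` fallback also admits parser-inserted scripts from any HTTPS origin, so the same header is a weaker policy there than in a browser that honours `'strict-dynamic'`.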