geoff-compknowhow
commented
6 months ago When looking into issue #1031 this morning, I encountered a similar error stack when running our app in an emulator.
Eventually, the errors just stopped happening
Closed DATEx2 closed 3 months ago
geoff-compknowhow
commented
6 months ago When looking into issue #1031 this morning, I encountered a similar error stack when running our app in an emulator.
Eventually, the errors just stopped happening
DATEx2
commented
6 months ago This is all we do - a bunch of iframes on the same page like this:
<iframe src="https://player.vimeo.com/video/891246844?h=391d297fb8" frameborder="0" allow="autoplay; fullscreen; picture-in-picture">
</iframe>
frausto
commented
6 months ago +1 We are seeing the same issue
rkrishnan8594
commented
6 months ago @DATEx2 If you're still encountering these errors, can you provide steps to reproduce? I'm not able to reproduce using the embed code you shared on desktop Chrome.
gintermaggio-am
commented
6 months ago @rkrishnan8594 We're seeing this issue specifically when we are injecting HTML into a React Native webview which loads the Vimeo SDK via CDN. Interestingly, we do not see the issue when we load a remote webpage into the webview which itself loads the SDK via our own bundle.
gintermaggio-am
commented
6 months ago Note that we've also verified:
DATEx2
commented
6 months ago We are not using REACT -> instead we are just adding the HTML IFRAME element via javascript to the DOM
DATEx2
commented
6 months ago You can see it being reporduced here https://datex2wd.bike/products/herox1?options=1,4,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1
rkrishnan8594
commented
6 months ago In order to investigate this, we'll need a standalone example (in an JSFiddle, Codepen, or something similar) in a sandbox environment where this issue is occurring. This issue shouldn't occur if the player is being loaded within an iframe.
achung89
commented
5 months ago I've put together a jsfiddle that consistently reproduces the error. It occurs in ~1/20 loads which is why there are multiple iframes. It may require a page reload for it to appear
planv
commented
3 months ago We have the same issue @rkrishnan8594
perrelet
commented
3 months ago Yeah I think we can all agree this is a thing.
@rkrishnan8594 Any updates on this?
marcellosilvestri
commented
3 months ago I'm getting the same too.
Loscho19
commented
3 months ago i have the same issues
gintermaggio-am
commented
3 months ago We're having the same problems over here.
rkrishnan8594
commented
3 months ago Hey folks, thanks for reporting issues you're experiencing. A couple of thoughts and updates:
We are getting a bunch of errors like this
What are we doing wrong? We are using simple iframes to render vimeo videos and these errors pop up in the console
` [Report Only] Refused to load the script '' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
888459704:34 [Report Only] Refused to load the script 'https://f.vimeocdn.com/p/4.33.5/js/player.module.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
888459704:35 [Report Only] Refused to load the script 'https://f.vimeocdn.com/p/4.33.5/js/vendor.module.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
888459704?h=c5387031da:107 [Report Only] Refused to load the script 'https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
window.loadScript @ 888459704?h=c5387031da:107 window.loadVUID @ 888459704?h=c5387031da:107 (anonymous) @ 888459704?h=c5387031da:118 Promise.then (async) (anonymous) @ 888459704?h=c5387031da:118 vendor.module.js:2 [Report Only] Refused to load the script 'https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
t.loadLibrary @ vendor.module.js:2 (anonymous) @ vendor.module.js:2 t.setup @ vendor.module.js:2 n.init @ player.module.js:2 (anonymous) @ player.module.js:2 (anonymous) @ player.module.js:2 j @ player.module.js:2 (anonymous) @ player.module.js:2 Promise.then (async) init @ player.module.js:2 hv @ player.module.js:2 (anonymous) @ 888459704?h=c5387031da:118 Promise.then (async) (anonymous) @ 888459704?h=c5387031da:118 cast_sender.js?loadCastFramework=1:10 [Report Only] Refused to load the script 'https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
E @ cast_sender.js?loadCastFramework=1:10 K @ cast_sender.js?loadCastFramework=1:11 (anonymous) @ cast_sender.js?loadCastFramework=1:11 (anonymous) @ cast_sender.js?loadCastFramework=1:12 cast_sender.js?loadCastFramework=1:10 [Report Only] Refused to load the script 'https://www.gstatic.com/eureka/clank/125/cast_sender.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. `