Closed ghost closed 5 years ago
My advice is to ignore those errors. While we believe they should be fixed by Google, there's nothing you can do to get them fixed. If you aren't doing it already, the CLI and the browser extension allow you to ignore domains.
@sarvaje @antross, I think we are ignoring some domains in the online scanner. Maybe we should add these (and maybe some others) as well?
Could we please have in the online scanner the same simple options available in the browser extension? The Categories, Target Browsers, and Ignored Resources options would make the online scanner very useful.
That's something we've wanted to enable for a while but there have been other higher priority issues coming up 😞
I'm going to close this issue as the work is tracked in https://app.zenhub.com/workspace/o/webhintio/webhint.io/issues/233
I think we should continue the conversation about how much configuration we want to enable there.
Thanks!
The scanner is flummoxed by resources dynamically loaded from Google URLs by the reCaptcha routine.
See the myriad hints at: https://webhint.io/scanner/8a3938a3-8502-4557-b65c-dd108334e3d8
Are these hints that Google should properly address, or are there things a developer using reCaptcha can do in terms of security headers and settings to prevent these hints from triggering?
It first complains that the JavaScript and CSS retrieved for reCaptcha at https://www.gstatic.com/recaptcha/api2 has the wrong content-type for each resource, when the content-type seems correct for each resource requested
For example:
Under Performance, it complains about the various directive of resources from https://www.google.com/recaptcha/ and from https://www.gstatic.com/recaptcha and https://fonts.gstatic.com/, e.g.
And it goes on like this for dozens of hints all triggered by the reCaptcha components loaded dynamically by the single parent reCaptcha JS routine employed by the developer.
Please advise.