am i the only one who cant use coracle on firefox for a while now due to broken CSP?
Content-Security-Policy: The page’s settings blocked a style (style-src-elem) at https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap from being applied because it violates the following directive: “style-src 'self' 'unsafe-inline'”
nostr:npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn
That's quite strange, Coracle doesn't use Inter, and it doesn't load any fonts from Google. Do you maybe have a browser extension installed that's getting tripped up?
hum turns out manually deleting everything locally from the browser helped.
CSP persist even after disabling all extensions which is weird
You mean clearing indexeddb/localstorage? And you're still getting the CSP error?
correct. both in chrome and firefox
Just found the issue, it looks like bitcoin-connect is trying to download fonts. nostr:nprofile1qythwumn8ghj7un9d3shjtnswf5k6ctv9ehx2ap0qyfhwumn8ghj7ur4wfcxcetsv9njuetn9uq32amnwvaz7tmjv4kxz7fwv3sk6atn9e5k7tcppemhxue69uhkummn9ekx7mp0qywhwumn8ghj7mn0wd68ytnzd96xxmmfdejhytnnda3kjctv9uq32amnwvaz7tmjv4kxz7fwdehhxarj9e3xwtcpr9mhxue69uhhyetvv9ujuumwdae8gtnnda3kjctv9uq3vamnwvaz7tm9v3jkutnwdaehgu3wd3skuep0qy08wumn8ghj7mn0wd68yttsw43zuam9d3kx7unyv4ezumn9wshsz9rhwden5te0wfjkcctev93xcefwdaexwtcqypr90hlgjed73xq2jvrjhna4ukdx2yjyqmdslqvjzhh83wj8jd9nu66nryl nostr:nprofile1qyt8wumn8ghj7etyv4hzumn0wd68ytnvv9hxgtcppemhxue69uhkummn9ekx7mp0qy08wumn8ghj7mn0wd68yttsw43zuam9d3kx7unyv4ezumn9wshsz8thwden5te0dehhxarj9e3xjarrda5kuetj9eek7cmfv9kz7qg3waehxw309ahx7um5wgh8w6twv5hszymhwden5te0wp6hyurvv4cxzeewv4ej7qg4waehxw309aex2mrp0yhxgctdw4eju6t09uq3wamnwvaz7tmjv4kxz7fwwpexjmtpdshxuet59uq3jamnwvaz7tmjv4kxz7fwwdhx7un59eek7cmfv9kz7qghwaehxw309ashgmrpwvhxummnw3ezumrpdejz7qpqxv8mzscll8vvy5rsdw7dcqtd2j268a6yupr6gzqh86f2ulhy9kkqs7fv6h any way you can fix that for us?
nice find!
is that the latest version? can you check?
because I think it should no longer load external fonts. for various reasons…
