#chrisoswald

I would update the CSP to look like the following

connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://stripe.com

the last directive is missing, which is causing the console error

It seems like the original message can't be loaded. Are you facing any issue after updating the CSP?

I think there is confusion, this is your (Stripe's) CSP (content security policy) in your iframe

Another user pointed out the issue a week ago, I'm also piggybacking on the request to fix the issue

Sorry that I'm unable to load the original message, so do not have the context what another user pointed out

The issue is (and it's not consistent which is weird), but I often receive the following message from the stripe js code.

Refused to connect to 'https://stripe.com/cookie-settings/enforcement-mode' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com".

you can see the root domain https://stripe.com isn't specified in the policy above

Hopefully that makes it more clear that's not my CSP

https://stackoverflow.com/questions/71132603/csp-setup-for-stripe-integration

Thanks for sharing the details! Our team is aware of Refused to connect to 'https://stripe.com/cookie-settings/enforcement-mode' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.stripe.com/ https://errors.stripe.com/ https://r.stripe.com/". and currently looking into it

ok, and yes, I'm familiar with how to configure my CSP... This isn't coming from my domain

thank you for ack that it's a problem and you're working on it

Np just doing some research for ya

Yes appreciate it, is there a place I can track the progress other than looking at my console window 🙂

I don't know Discord in and outs they may have sound notifications

Not sure if that's something I should talk to my account rep about

Oh via Stripe?

yeah

Does the issue still occur on your website now?

The fix should be in live now

I don't think there's an alternative

let me look

I mean did you guys fix it 10 minutes ago?

I don't see it now, but it saw it just a few minutes ago

The changes has just been rolled out

wow, I guess I was lucky on the timing 🙂

I'd recommend monitoring for a while to see if the issue still occurs

yes, I'm not seeing the error any more

I still see this error tho

Unable to download payment manifest "https://pay.google.com/about/redirect/".

This is the error from Google Pay

correct

To be fair, I've done no due diligence to make sure that's not my issue vs stripe

issue meaning a security setting on my side

I don't see a failure in my network stack in chrome, just a console failure

The error is likely that some browser settings that fails to download google pay manifests. This is controlled by Google and Stripe has no control over it

all good, thanks for addressing the other CSP issues on your side

love a clean chrome console

No problem! Happy to help 😄

BTW, the google pay console issues are gone too

@river do you actually work for Stripe?

not sure if you're fixing all my problems tonight

@surreal summit if you don't I'm going to email my account rep and tell them they need to get you off contract status

@river do you actually work for Stripe?
Yes, I'm an engineer with Stripe. Only Stripe employees have Stripe Moderator label on the username in this channel

I lied, google pay error is back, I just don't understand why it's intermittent...

What a badass job. <dream></in code>

I lied, google pay error is back, I just don't understand why it's intermittent...
That will be up to Google to determine whether the manifests can be downloaded

@chris-oswald It's Google they're always updating stuff you should see the emaiols they send every day of updates

@ebon shadow Ain't nobody got time for that.... @surreal summit thanks for your help!

No problem! Happy to help 😄