#silven_code

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1280447347473514498

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

hi! what's the exact error you see?

https://docs.stripe.com/security/guide?csp=csp-js also lists the CSP configuration you'd need

I already tried adding a meta tag that solves the error, but if I add it the rest of the buttons on the page stop working

ah, are you are using CORP/COEP headers?

we do not support those, to use stripe.js you need to not use those(configure your hosting server to not serve with the page with https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Resource-Policy ).

I'm not, but I am using supabase for auth and this error only appears when the user is logged in. What I'm thinking is that supabse changes the CSP somewhere on the way but I didn't find that code. I managed to get rid of the error by adding a meta tag to allow the stripe link but when I do that the rest of the page stops working. Do you know any way I can configure CSP to allow both the stripe call /buttons / api calls of my page to work at the same time?

thanks for the help btw

your screenshot indicates it is not CSP, it's CORP

I will start the project on a new brand repo to be sure it has no CORP changes at all, I messed a bit with CORPS a while ago. If I still have something I will say soemthing

thanks for the help