diydog_docs | Stripe Developers | Page 1

icy crowBOT Mar 10, 2026, 6:47 AM

#

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1480819493448978515

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

Below are links to other discussions we've had with you in the past week in case you want to review that information. If your question is related to one of these previous discussions, please provide a comprehensive summary of the current state and what you need help with now. We help many users simultaneously, so a summary allows us to resolve your issue as soon as possible.

diydog_docs, 3 days ago, 17 messages
diydog_docs, 4 days ago, 24 messages
diydog_docs, 5 days ago, 88 messages
diydog_code, 6 days ago, 27 messages

#

static cairn Mar 10, 2026, 6:50 AM

#

I added connect-src as per the documentation, but when I use fetch, I get the error message: 'Connecting to 'https://dashboard.stripe.com/rw/stripe/apply/token' violates the following Content Security Policy directive: "connect-src https://.wetech.vip/api/ http://localhost: localhost:*". The action has been blocked'.

Stripe Login | Sign in to the Stripe Dashboard

Sign in to the Stripe Dashboard to manage business payments and operations in your account. Manage payments and refunds, respond to disputes and more.

hoary sapphire Mar 10, 2026, 6:51 AM

#

Could you send me the request ID where you see this error message? (req_xxx)

static cairn Mar 10, 2026, 6:52 AM

#

#

This is all the error.

hoary sapphire Mar 10, 2026, 6:53 AM

#

Your website has a restrictive connect-src CSP directive only allows outbound network requests to:

https://*.wetech.vip/api/
http://localhost:*
localhost:*

When your site tries to connect to https://dashboard.stripe.com/rw/stripe/apply/token the browser blocks the request because dashboard.stripe.com is not in their CSP allowlist.

#

you would need to update the Content-Security-Policy header on their website/server to include Stripe's domains in the connect-src directive. Something like:

connect-src https://*.wetech.vip/api/ https://*.stripe.com http://localhost:* localhost:*

static cairn Mar 10, 2026, 6:57 AM

#

Sorry, I forgot to add the base path, which caused it to be forwarded to my local machine.

#diydog_docs