Interfering with javascript

  • Resolved savingyourtail

    (@savingyourtail)


    1 year, 1 month ago

    I discovered that wordfence is causing a problem with javascript on my site. With plugin enabled, I get this error in the browser console: “Content Security Policy of your site blocks the use of ‘eval’ in JavaScript`”

    The effect of this error is that when I click a table of contents item, the page jumps down to that section of the page, but then the page immediately jumps back to the top.

    Is there a simple setting in Wordfence that will loosen the content security policy to prevent this problem and allow javascript eval?

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Support wfmargaret

    (@wfmargaret)

    1 year, 1 month ago

    Hi @savingyourtail,

    Thank you for reaching out!

    Wordfence does not control CSP, so your site’s HTTP headers normally dictate the policy rules, possibly through another plugin. Having said that, it’s possible that the Wordfence firewall is blocking the request, unrelated to the CSP violation. Learning Mode should help.

    From the Wordfence Dashboard click on Manage WAF. Then you will see Basic Firewall Options > Web Application Firewall Status. Change the option to Learning Mode. Now perform the actions that were causing issues. This will help Wordfence learn that these actions are normal and it will allow them in the future. After you have finished performing the actions, switch the WAF from Learning Mode back to Enabled and Protecting. Now test to see if these actions work correctly.

    https://www.wordfence.com/help/firewall/learning-mode/ is an amazing resource for learning more about the WAF and learning mode.

    Let me know how it goes!

    Thanks,
    Margaret

Viewing 1 replies (of 1 total)

The topic ‘Interfering with javascript’ is closed to new replies.