CSP directive blocks recaptcha

[mflodin]

I tried to use the search, but was met with a cryptic message to confirm I was not a robot, but no way of doing so. Looking in the dev console I noticed this error (among other CSP errors)

Content-Security-Policy: The page’s settings blocked the loading of a resource (frame-src) at 
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdE6qgbAAAAANq2Tal4NuP8YdGwtfdTpCLArNE-&co=aHR0cHM6Ly9hbG1hbmFjLmh0dHBhcmNoaXZlLm9yZzo0NDM.&hl=en&v=jdMmXeCQEkPbnFDy9T04NbgJ&size=normal&anchor-ms=20000&execute-ms=15000&cb=qbrnqoyz8elu 
because it violates the following directive: 
“frame-src 'self' https://cse.google.com/ https://www.googletagmanager.com/”

Which I assume is what is blocking the recaptcha from loading, and thus me from searching.

[mflodin]

There were some other csp errors as well:

Content-Security-Policy: The page’s settings blocked the loading of a resource (frame-src) at 
https://syndicatedsearch.goog/afs/ads/i/iframe.html 
because it violates the following directive: 
“frame-src 'self' https://cse.google.com/ https://www.googletagmanager.com/” 

Content-Security-Policy: The page’s settings blocked the loading of a resource (frame-src) at 
https://syndicatedsearch.goog/cse_v2/ads?sjk=9gUL7JEdTh%2BsCetPJyS3%2FA%3D%3D&adsafe=low&adpage=1&cx=ffb208d5eae47b5bf&fexp=20606%2C17301437%2C17301440%2C17301441%2C17301548%2C17301266%2C72717107&client=google-coop&q=woff2&r=m&hl=sv&ivt=0&type=0&oe=UTF-8&ie=UTF-8&format=p4&ad=p4&nocache=3591765204355621&num=0&output=uds_ads_only&source=gcsc&v=3&bsl=10&pac=0&u_his=6&u_tz=60&dt=1765204355621&u_w=1728&u_h=1117&biw=878&bih=967&psw=878&psh=1083&frm=0&uio=-&drt=0&jsid=csa&jsv=839322201&rurl=https%3A%2F%2Falmanac.httparchive.org%2Fen%2Fsearch%3Fq%3Dwoff2%23gsc.tab%3D0%26gsc.q%3Dwoff2%26gsc.page%3D1&referer=https%3A%2F%2Falmanac.httparchive.org%2Fen%2F2024%2F 
because it violates the following directive: 
“frame-src 'self' https://cse.google.com/ https://www.googletagmanager.com/” 

Content-Security-Policy: The page’s settings blocked the loading of a resource (connect-src) at 
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=afs&tv=1234567890&st=env&sjk=9gUL7JEdTh+sCetPJyS3/A==&sde=1 
because it violates the following directive: 
“connect-src 'self' https://*.google-analytics.com https://www.googletagmanager.com/”

[mflodin]

Forgot to add the url: https://almanac.httparchive.org/en/search?q=something#gsc.tab=0&gsc.q=something&gsc.page=1