I am using stripe payment intents api to handle payments in my app. For the backend I am using ExpressJS and for the frontend I am using React (craco) with stripe elements. However, I am facing this error:
VM148:1 Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='".
eventhough I didn’t set any CSPs for my app.
2
Answers
As it turned out one of my chrome extensions was blocking stripe js files which caused this error, after disabling the extension it started working fine.
Can you paste the relevant code and show me how you integrate Stripe?