[SOLVED] Webpage not loading

nbartolo7

Honorable
Sep 4, 2017
360
7
10,685
0
For some reason, today, hotmail.com (outlook) is not loading. The logo just keeps reloading. It works in a private window which made me think it was a cache problem, but after deleting the web browser's cache, the situation remains the same.
 

nbartolo7

Honorable
Sep 4, 2017
360
7
10,685
0
that not console, that element tab
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-avx2xzhhrrfdthzfe77s4w==' .res.office365.com *.fluidpreview.office.net *.cdn.office.net wss://.delve.office.com:443 shellprod.msocdn.com amcdn.msauth.net amcdn.msftauth.net *.bing.com *.skype.com *.skypeassets.com *.delve.office.com *.cdn.office.net static.teams.microsoft.com *.googleapis.com teams.microsoft.com cdn.forms.office.net blob: 'report-sample' 'self' 'unsafe-inline' 'wasm-unsafe-eval' acdn.adnxs.com cdn.adnxs.com *.aolcdn.com jill.fc.yahoo.com stage-jill.fc.yahoo.com jac.yahoosandbox.com stage-jac.yahoosandbox.com *.arkoselabs.com". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
 

nbartolo7

Honorable
Sep 4, 2017
360
7
10,685
0
that not console, that element tab
    1. A page or script is accessing at least one of navigator.userAgent, navigator.appVersion, and navigator.platform. Starting in Chrome 101, the amount of information available in the User Agent string will be reduced.
      To fix this issue, replace the usage of navigator.userAgent, navigator.appVersion, and navigator.platform with feature detection, progressive enhancement, or migrate to navigator.userAgentData.
      Note that for performance reasons, only the first access to one of the properties is shown.
    2. AFFECTED RESOURCES
      1. 1 source
        1. autofill.js:1

      • Learn more: User-Agent String Reduction

  1. 4
    Content Security Policy blocks inline execution of scripts and stylesheets
    1. The Content Security Policy (CSP) prevents cross-site scripting attacks by blocking inline execution of scripts and style sheets.
      To solve this, move all inline scripts (e.g. onclick=[JS code]) and styles into external files.
      ⚠ Allowing inline execution comes at the risk of script injection via injection of HTML script elements. If you absolutely must, you can allow inline script and styles by:
      • adding unsafe-inline as a source to the CSP header
      • adding the hash or nonce of the inline script to your CSP header.
 

ASK THE COMMUNITY