WordPress 7 custom HTML broken | ww.wp.xz.cn

Eric
(@zarglu)

3 days, 16 hours ago

Since updating to from WordPress 6.9 to 7, custom HTML blocks display a gray box in the editor with

“This content is blocked. Contact the site owner to fix the issue.”

looking at the console

Framing ‘blob:https://website/a8a38226-fe28-49c9-8a6c-68e1dd5780e4’ violates the following Content Security Policy directive: “default-src ‘self’ https: data:”. The request has been blocked. Note that ‘frame-src’ was not explicitly set, so ‘default-src’ is used as a fallback.

block-editor.min.js?ver=93c3566b7f24c15b7e17:76 Uncaught TypeError: Cannot destructure property ‘documentElement’ of ‘z’ as it is null.
at HTMLIFrameElement.j (block-editor.min.js?ver=93c3566b7f24c15b7e17:76:960)

there are also warnings leading to

https://developer.ww.wp.xz.cn/block-editor/reference-guides/block-api/block-api-versions/block-migration-for-iframe-editor-compatibility/

but what this means is above my paygrade

Viewing 1 replies (of 1 total)

Zartab Farooquee
(@zartabwp)

3 days, 8 hours ago

The error suggests that your site’s Content Security Policy (CSP) is blocking the iframe used by the block editor. Since this started after the update, I’d check any security headers added by your host, security plugin, CDN, or server configuration. Temporarily disabling custom CSP rules may help confirm whether that’s the cause.

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.

In: Fixing WordPress
1 reply
2 participants
Last reply from: Zartab Farooquee
Last activity: 3 days, 8 hours ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics