Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Get started Tell me more
Atlassian Community about banner
4,300,651
Community Members
 
Community Events
165
Community Groups

Bitbucket pages bug: cannot load javascript

vishvAs vAsuki
vishvAs vAsuki Sep 27, 2021

I am getting such messages:

```

Refused to load the script 'https://xyz.bitbucket.io/webpack_dist/dir_tree-bundle.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'strict-dynamic' 'unsafe-inline' 'self' http: https: https://d301sr5gafysq2.cloudfront.net". 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

```

when opening https://xyz.bitbucket.io/

This contradicts https://support.atlassian.com/bitbucket-cloud/docs/publishing-a-website-on-bitbucket-cloud/ , which clearly says this is supported: "Inclusion of JavaScript in your HTML pages."

This looks like a bug. Can someone please also point me to the site to report bugs (irrespective of this issue)?


PS: I've seen the response to https://community.atlassian.com/t5/Bitbucket-questions/How-do-I-use-javascript-in-my-Bitbucket-Pages-website/qaq-p/1180088 as well.

Answer
Watch
Like Be the first to like this
293 views

1 answer

1 vote
Mark C
Mark C Atlassian Team Sep 27, 2021

Hi @vishvAs vAsuki

Thanks for reaching out to the community.

As per my testing, I do receive the same error message in my Chrome browser console logs while loading my static website.

[Report Only] Refused to load the script 'https://test.bitbucket.io/some.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'strict-dynamic' 'unsafe-inline' 'self' http: https: https://d301sr5gafysq2.cloudfront.net". 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

However, the javascript file is working fine on my static website.

Would it be possible for you to confirm if your javascript file is also working fine on your end?

Also, you can report a bug through this link: https://jira.atlassian.com/projects/BCLOUD/summary
Make sure you're logged in to jira.atlassian.com first using your Atlassian account

Regards,
Mark C

View More Comments
vishvAs vAsuki
vishvAs vAsuki Sep 28, 2021

Thank you - despite the messages, the js code is indeed working. However, these confusing messages must go.

Like
Mark C
Mark C Atlassian Team Sep 28, 2021

Thank you for the confirmation.

I'll check this with our internal team and will get back to you.

Regards,
Mark C

Like
Mark C
Mark C Atlassian Team Oct 21, 2021

Hi @vishvAs vAsuki

Apologies for the late response here.
I just got a response from our internal team.

As the browser console log error refers to your JS script, you can fix this by adjusting your code since this is something you can control as a static website.

Here are some of the links that might help to fix this on your end:
How to fix 'because it violates the following content security policy directive'
Google | Content Security Policy

Let me know if you have further questions.

Regards,
Mark C

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
Community showcase
Colin Wood
Colin Wood
Published in Bitbucket

Git push size limits are coming to Bitbucket Cloud starting April 4th, 2022

Beginning on April 4th, we will be implementing push limits. This means that your push cannot be completed if it is over 3.5 GB. If you do attempt to complete a push that is over 3.5 GB, it will fail...

2,263 views 2 9
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you