Chrome 145: CSP blocks inline scripts in sidepanel.html - extension non-functional
Resolved 💬 3 comments Opened Mar 12, 2026 by joelcosta79 Closed May 19, 2026
Description
The Claude in Chrome extension (v1.0.59) is completely non-functional on Chrome 145 (arm64/macOS). Chrome's Content Security Policy blocks the inline script in sidepanel.html, preventing the extension from loading properly.
Environment
- Chrome version: 145.0.7632.118 (Official Build) (arm64)
- Extension version: 1.0.59
- OS: macOS (Apple Silicon)
- Claude Code version: 2.1.74
Error Messages
Executing inline script violates the following Content Security Policy directive 'script-src 'self''.
Either the 'unsafe-inline' keyword, a hash ('sha256-kFwyFWA0myfqRcE5y2d5UX8g0o2QFHSmCz1gWSW0xpk='),
or a nonce ('nonce-...') is required to enable inline execution. The action has been blocked.
Uncaught (in promise) Error: Could not establish connection. Receiving end does not exist.
Additionally, Segment analytics scripts are also blocked:
Loading the script 'https://cdn.segment.com/next-integrations/actions/amplitude-plugins/f12a4347e1080fb88155.js'
violates the following Content Security Policy directive: "script-src 'self'".
Steps to Reproduce
- Install Claude in Chrome extension (v1.0.59) on Chrome 145
- Connect to Claude Code via
/mcp - Try to create tabs or navigate — commands report success but no tabs are actually created/visible
Root Cause
The inline <script> block in sidepanel.html (line 8) that sets the initial theme mode is blocked by Chrome 145's stricter CSP enforcement. This prevents the side panel from initializing, which breaks all tab management functionality.
Suggested Fix
Move the inline script in sidepanel.html to an external .js file to comply with CSP script-src 'self' policy.
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗