[BUG] Claude in Chrome
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
In chrome, I clicked on 'Manage Extensions' . On the Claude in Chrome extension, i see errors, i clicked on errors and see a bunch of errors and need help.
Executing inline script violates the following Content Security Policy directive 'script-src 'self''. Either the 'unsafe-inline' keyword, a hash ('sha256-kFwyFWA0myfqRcE5y2d5UX8g0o2QFHSmCz1gWSW0xpk='), or a nonce ('nonce-...') is required to enable inline execution. The action has been blocked.
Context
options.html
Stack Trace
options.html:8 (anonymous function)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
<!doctype html>
<html lang="en" data-theme="claude">
<head>
<meta charset="UTF-8" />
<link rel="icon" type="image/svg+xml" href="/icon-128.png" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Claude Options</title>
<script>
// Set initial theme mode based on system preference
(function () {
const isDark = window.matchMedia(
"(prefers-color-scheme: dark)",
).matches;
document.documentElement.setAttribute(
"data-mode",
isDark ? "dark" : "light",
);
// Listen for system theme changes
window
.matchMedia("(prefers-color-scheme: dark)")
.addEventListener("change", (e) => {
document.documentElement.setAttribute(
"data-mode",
e.matches ? "dark" : "light",
);
});
})();
</script>
<script type="module" crossorigin src="/assets/options-C9tM1CFy.js"></script>
<link rel="modulepreload" crossorigin href="/assets/index-BBLsn8fp.js">
<link rel="modulepreload" crossorigin href="/assets/index-Bd-JAv43.js">
<link rel="modulepreload" crossorigin href="/assets/PermissionManager-BqJmxUlR.js">
<link rel="modulepreload" crossorigin href="/assets/useStorageState-zNVna44X.js">
<link rel="stylesheet" crossorigin href="/assets/index-B2wvboLx.css">
<link rel="stylesheet" crossorigin href="/assets/useStorageState-BQC1JwUE.css">
</head>
<body>
<div id="root"></div>
</body>
</html>
Executing inline script violates the following Content Security Policy directive 'script-src 'self' 'wasm-unsafe-eval' 'inline-speculation-rules''. Either the 'unsafe-inline' keyword, a hash ('sha256-kFwyFWA0myfqRcE5y2d5UX8g0o2QFHSmCz1gWSW0xpk='), or a nonce ('nonce-...') is required to enable inline execution. The action has been blocked.
Loading the script 'https://cdn.segment.com/next-integrations/actions/amplitude-plugins/f12a4347e1080fb88155.js' violates the following Content Security Policy directive: "script-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. The action has been blocked.
Loading the script 'https://cdn.segment.com/next-integrations/actions/amplitude-plugins/f12a4347e1080fb88155.js' violates the following Content Security Policy directive: "script-src 'self' 'wasm-unsafe-eval' 'inline-speculation-rules'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. The action has been blocked.
What Should Happen?
my claude should connect to Chrome
Error Messages/Logs
Steps to Reproduce
In chrome, I clicked on 'Manage Extensions' . On the Claude in Chrome extension, i see errors, i clicked on errors and see a bunch of errors and need help.
Claude Model
None
Is this a regression?
Yes, this worked in a previous version
Last Working Version
_No response_
Claude Code Version
1.0.70
Platform
Anthropic API
Operating System
Windows
Terminal/Shell
Windows Terminal
Additional Information
Context
options.html
Stack Trace
options.html:8 (anonymous function)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
<!doctype html>
<html lang="en" data-theme="claude">
<head>
<meta charset="UTF-8" />
<link rel="icon" type="image/svg+xml" href="/icon-128.png" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Claude Options</title>
<script>
// Set initial theme mode based on system preference
(function () {
const isDark = window.matchMedia(
"(prefers-color-scheme: dark)",
).matches;
document.documentElement.setAttribute(
"data-mode",
isDark ? "dark" : "light",
);
// Listen for system theme changes
window
.matchMedia("(prefers-color-scheme: dark)")
.addEventListener("change", (e) => {
document.documentElement.setAttribute(
"data-mode",
e.matches ? "dark" : "light",
);
});
})();
</script>
<script type="module" crossorigin src="/assets/options-C9tM1CFy.js"></script>
<link rel="modulepreload" crossorigin href="/assets/index-BBLsn8fp.js">
<link rel="modulepreload" crossorigin href="/assets/index-Bd-JAv43.js">
<link rel="modulepreload" crossorigin href="/assets/PermissionManager-BqJmxUlR.js">
<link rel="modulepreload" crossorigin href="/assets/useStorageState-zNVna44X.js">
<link rel="stylesheet" crossorigin href="/assets/index-B2wvboLx.css">
<link rel="stylesheet" crossorigin href="/assets/useStorageState-BQC1JwUE.css">
</head>
<body>
<div id="root"></div>
</body>
</html>
Executing inline script violates the following Content Security Policy directive 'script-src 'self' 'wasm-unsafe-eval' 'inline-speculation-rules''. Either the 'unsafe-inline' keyword, a hash ('sha256-kFwyFWA0myfqRcE5y2d5UX8g0o2QFHSmCz1gWSW0xpk='), or a nonce ('nonce-...') is required to enable inline execution. The action has been blocked.
Loading the script 'https://cdn.segment.com/next-integrations/actions/amplitude-plugins/f12a4347e1080fb88155.js' violates the following Content Security Policy directive: "script-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. The action has been blocked.
Loading the script 'https://cdn.segment.com/next-integrations/actions/amplitude-plugins/f12a4347e1080fb88155.js' violates the following Content Security Policy directive: "script-src 'self' 'wasm-unsafe-eval' 'inline-speculation-rules'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. The action has been blocked.
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗