[BUG] Claude in Chrome

Resolved 💬 3 comments Opened May 17, 2026 by cajonathan-arch Closed May 21, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

In chrome, I clicked on 'Manage Extensions' . On the Claude in Chrome extension, i see errors, i clicked on errors and see a bunch of errors and need help.

Executing inline script violates the following Content Security Policy directive 'script-src 'self''. Either the 'unsafe-inline' keyword, a hash ('sha256-kFwyFWA0myfqRcE5y2d5UX8g0o2QFHSmCz1gWSW0xpk='), or a nonce ('nonce-...') is required to enable inline execution. The action has been blocked.

Context
options.html
Stack Trace
options.html:8 (anonymous function)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
<!doctype html>
<html lang="en" data-theme="claude">
<head>
<meta charset="UTF-8" />
<link rel="icon" type="image/svg+xml" href="/icon-128.png" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Claude Options</title>
<script>
// Set initial theme mode based on system preference
(function () {
const isDark = window.matchMedia(
"(prefers-color-scheme: dark)",
).matches;
document.documentElement.setAttribute(
"data-mode",
isDark ? "dark" : "light",
);
// Listen for system theme changes
window
.matchMedia("(prefers-color-scheme: dark)")
.addEventListener("change", (e) => {
document.documentElement.setAttribute(
"data-mode",
e.matches ? "dark" : "light",
);
});
})();
</script>
<script type="module" crossorigin src="/assets/options-C9tM1CFy.js"></script>
<link rel="modulepreload" crossorigin href="/assets/index-BBLsn8fp.js">
<link rel="modulepreload" crossorigin href="/assets/index-Bd-JAv43.js">
<link rel="modulepreload" crossorigin href="/assets/PermissionManager-BqJmxUlR.js">
<link rel="modulepreload" crossorigin href="/assets/useStorageState-zNVna44X.js">
<link rel="stylesheet" crossorigin href="/assets/index-B2wvboLx.css">
<link rel="stylesheet" crossorigin href="/assets/useStorageState-BQC1JwUE.css">
</head>
<body>
<div id="root"></div>
</body>
</html>

Executing inline script violates the following Content Security Policy directive 'script-src 'self' 'wasm-unsafe-eval' 'inline-speculation-rules''. Either the 'unsafe-inline' keyword, a hash ('sha256-kFwyFWA0myfqRcE5y2d5UX8g0o2QFHSmCz1gWSW0xpk='), or a nonce ('nonce-...') is required to enable inline execution. The action has been blocked.
Loading the script 'https://cdn.segment.com/next-integrations/actions/amplitude-plugins/f12a4347e1080fb88155.js' violates the following Content Security Policy directive: "script-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. The action has been blocked.
Loading the script 'https://cdn.segment.com/next-integrations/actions/amplitude-plugins/f12a4347e1080fb88155.js' violates the following Content Security Policy directive: "script-src 'self' 'wasm-unsafe-eval' 'inline-speculation-rules'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. The action has been blocked.

What Should Happen?

my claude should connect to Chrome

Error Messages/Logs

Steps to Reproduce

In chrome, I clicked on 'Manage Extensions' . On the Claude in Chrome extension, i see errors, i clicked on errors and see a bunch of errors and need help.

Claude Model

None

Is this a regression?

Yes, this worked in a previous version

Last Working Version

_No response_

Claude Code Version

1.0.70

Platform

Anthropic API

Operating System

Windows

Terminal/Shell

Windows Terminal

Additional Information

Context
options.html
Stack Trace
options.html:8 (anonymous function)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
<!doctype html>
<html lang="en" data-theme="claude">
<head>
<meta charset="UTF-8" />
<link rel="icon" type="image/svg+xml" href="/icon-128.png" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Claude Options</title>
<script>
// Set initial theme mode based on system preference
(function () {
const isDark = window.matchMedia(
"(prefers-color-scheme: dark)",
).matches;
document.documentElement.setAttribute(
"data-mode",
isDark ? "dark" : "light",
);
// Listen for system theme changes
window
.matchMedia("(prefers-color-scheme: dark)")
.addEventListener("change", (e) => {
document.documentElement.setAttribute(
"data-mode",
e.matches ? "dark" : "light",
);
});
})();
</script>
<script type="module" crossorigin src="/assets/options-C9tM1CFy.js"></script>
<link rel="modulepreload" crossorigin href="/assets/index-BBLsn8fp.js">
<link rel="modulepreload" crossorigin href="/assets/index-Bd-JAv43.js">
<link rel="modulepreload" crossorigin href="/assets/PermissionManager-BqJmxUlR.js">
<link rel="modulepreload" crossorigin href="/assets/useStorageState-zNVna44X.js">
<link rel="stylesheet" crossorigin href="/assets/index-B2wvboLx.css">
<link rel="stylesheet" crossorigin href="/assets/useStorageState-BQC1JwUE.css">
</head>
<body>
<div id="root"></div>
</body>
</html>

Executing inline script violates the following Content Security Policy directive 'script-src 'self' 'wasm-unsafe-eval' 'inline-speculation-rules''. Either the 'unsafe-inline' keyword, a hash ('sha256-kFwyFWA0myfqRcE5y2d5UX8g0o2QFHSmCz1gWSW0xpk='), or a nonce ('nonce-...') is required to enable inline execution. The action has been blocked.
Loading the script 'https://cdn.segment.com/next-integrations/actions/amplitude-plugins/f12a4347e1080fb88155.js' violates the following Content Security Policy directive: "script-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. The action has been blocked.
Loading the script 'https://cdn.segment.com/next-integrations/actions/amplitude-plugins/f12a4347e1080fb88155.js' violates the following Content Security Policy directive: "script-src 'self' 'wasm-unsafe-eval' 'inline-speculation-rules'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. The action has been blocked.

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗