Bypass Content Security Policy for a specific URL

Website, Application, Performance Security
1

What is the name of the domain?

dot832.com

What is the error message?

Content Security Policy of your site blocks the use of eval in JavaScript

What is the issue you’re encountering

Unable to submit invoice payments

What steps have you taken to resolve the issue?

I would like to bypass/turn off CSP for a specific URL on my website. CSP is breaking my invoice payment page.

What are the steps to reproduce the issue?

  1. go to https://www.dot832.com/payment/
  2. enter invoice payment details
  3. note the Total field does not populate
  4. note the submit button is disabled

NOTE THE CSP ERROR IN THE LOWER RIGHT CORNER OF SCREENSHOT

Screenshot of the error

Screenshot 2025-02-13 155805.png
Screenshot 2025-02-13 155805.png2048×1104 220 KB

2

What is the name of the domain?

dot832.com

What is the error message?

Content Security Policy of your site blocks the use of eval in JavaScript

What is the issue you’re encountering

Unable to submit any website form

What steps have you taken to resolve the issue?

I have created various bypass rules in Cloudflare and overrode CSP in my htaccess file but nothing works.

Was the site working with SSL prior to adding it to Cloudflare?

Yes

What is the current SSL/TLS setting?

Full (strict)

What are the steps to reproduce the issue?

Try to submit the form, Get in Touch | dot832 | WordPress Specialists, then check DevTools for errors.