This means if you are loading external resources in your user scripts, you might get an error in your javascript console.

What does "external" mean in this context? Does loading scripts from e.g. Meta count as external for our chapter wiki (


Sebastian Berlin
Wikimedia Sverige (WMSE)

Telefon/Phone: (+46) 0707 - 92 03 84

On Sat, 27 Oct 2018 at 20:28, Kaartic Sivaraam <> wrote:
Thanks for the clarifying note. That saved me a web search and probably a wholesome of tabs that I would have opened as a consequence ;-)

On 27 October 2018 02:18:20 GMT+05:30, Brian Wolff <> wrote:
>Just a further clarifying note: CSP stands for Content Security Policy.
>I want to emphasize that most users should not need to worry about
>this. If
>you are a more advanced user and are wondering why your browser's
>console suddenly has new errors, this is why.
>On Friday, October 26, 2018, Brian Wolff <> wrote:
>> Just a heads up, we're enabling CSP in report only mode on wikis.
>means if you are loading external resources in your user scripts, you
>get an error in your javascript console. Don't panic, so far we are
>enabling report only, and will of course give people notice before
>enabling it enforcing. At this stage we are just gathering information
>what the impact of CSP would be on the wikis and what sort of external
>javascript is used in practise.
>> That said, if you are loading externally hosted javascript from your
>JS page, we strongly suggest you do not do this for security reasons.
>> --
>> Brian


Sent from my Android device with K-9 Mail. Please excuse my brevity.

Wikitech-ambassadors mailing list