0Wordpress LogoWordPress visual editor not working

I’ve had an issue for a little while where the word­press visu­al edit­or but­ton stopped work­ing. The code edit­or was fine, and the but­ton for the visu­al edit­or is present but click­ing on it has no effect. After much fid­dling around I finally dis­covered it was being broken by my Con­tent Secur­ity Policy!


One reas­on this was so dif­fi­cult to dia­gnose is because I haven’t seen any­one else sug­gest CSP as the source of the prob­lem, espe­cially since I am using the “clas­sic edit­or” plu­gin which most people seem to blame. The plu­gin, or word­press itself, may be partly to blame as my CSP isn’t unreas­on­able, but clearly I needed to per­mit some­thing else.

When I finally star­ted dig­ging through the con­sole I found the fol­low­ing error (in Fire­fox): The page’s set­tings observed the load­ing of a resource at eval (“script-src”)

The Chrome con­sole was much more help­ful: “Refused to eval­u­ate a string as JavaS­cript because ‘unsafe-eval’ is not an allowed source of script in the fol­low­ing Con­tent Secur­ity Policy dir­ect­ive”

So to get this work­ing I will have to enable “unsafe-eval” which is annoy­ing because this makes a con­tent secur­ity policy largely point­less.

As more and more people imple­ment CSP this will become more of an issue for the word­press and plu­gin devs to resolve to hope­fully in the longer term solu­tions will become avail­able. Until then I will see if there is a work­around by remov­ing inline and eval code.

The best inform­a­tion and guide I have found so far is at Col­or Blind Pro­gram­ming

Got some thoughts of your own? Indulge yourself below by commenting! If you would like to subscribe please use the subscribe link on the menu at the top right. You can also share this with your friends by using the social links below. Cheers.

Leave a Reply