Refused to execute a JavaScript script. Source code of script found within request
It's a security measure to prevent XSS (cross-site scripting) attacks.
This happens when some JavaScript code is sent to the server via an HTTP POST request, and the same code comes back via the HTTP response. If Chrome detects this situation, the script is refused to run, and you get the error message Refused to execute a JavaScript script. Source code of script found within request
.
Also see this blogpost about Security in Depth: New Security Features.
PHP Security and XSS attacks - Getting Error Refused to execute a JavaScript script. Source code of script found within request
When I tried this in Chrome I saw an error in the console:
Refused to execute a JavaScript script. Source code of script found within request.
So it's possible modern browsers do this check to prevent it. You should continue to sanitize your input regardless of course, but check your console and you will probably see this.
Twitter API: refused to execute a javascript
I fixed the issue myself by using a local JavaScript to parse the tweet. I downloaded the blogger.js, modified a bit (removed some styles) and uploaded it to my server. Now it's working like a charm.
Refused to execute script, strict MIME type checking is enabled?
You have a <script>
element that is trying to load some external JavaScript.
The URL you have given it points to a JSON file and not a JavaScript program.
The server is correctly reporting that it is JSON so the browser is aborting with that error message instead of trying to execute the JSON as JavaScript (which would throw an error).
Odds are that the underlying reason for this is that you are trying to make an Ajax request, have hit a cross origin error and have tried to fix it by telling jQuery that you are using JSONP. This only works if the URL provides JSONP (which is a different subset of JavaScript), which this one doesn't.
The same URL with the additional query string parameter callback=the_name_of_your_callback_function
does return JavaScript though.
Related Topics
External Template in Underscore
Changing the Default Title of Confirm() in JavaScript
Watch for Object Properties Changes in JavaScript
How to Access Parent Window Object Using Jquery
React - Getting a Component from a Dom Element for Debugging
Difference Between the JavaScript String Type and String Object
!Function(){ }() VS (Function(){ })()
How to Get the First Element of an Array
ASP.NET MVC 3 Razor: Include JavaScript File in the Head Tag
Angularjs: How to Run Additional Code After Angularjs Has Rendered a Template
Get Query String Parameters Url Values with Jquery/JavaScript (Querystring)
Solve Cross Origin Resource Sharing with Flask
Share Variables Between Files in Node.Js
What the Difference Between .Click and .Change on a Checkbox
How to Read a Text File from Server Using JavaScript
Put JavaScript in One .Js File or Break It Out into Multiple .Js Files