Having trouble joining a campaign

I just noticed this recently when I joined the group, but couldn't enter the game. When I click the Join Game button, it takes me to the right page, but, it gives me a message before anything loads, telling me that I was unable to connect and it gave me this error code: NEP:-JSa63_TwpxdWOj0wGQ6 I always use Chrome, so that takes on possible fix out. I also tried clearing my cache but it didn't change anything either. I don't use any extensions so that removes the third possible fix. Is this an error that happens often?

I'm not sure what to show so you could help, so I copied the text in red to see if it would help. Refused to execute JavaScript URL because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' Failed to load resource: net::ERR_BLOCKED_BY_CLIENT Failed to load resource: the server responded with a status of 403 (Forbidden) x2

your settings on your browser is set up to block javascript. That means check your browsers security settings. You might be able to make an exception for roll20

I checked my security settings, and it is set to allow javascript. I even made sure to set the exceptions to allow roll20.

You're certain you don't have any extensions? They may not have page actions or browser actions, you'd have to check settings->extensions to be sure. This issue seems to happen fairly often when you have an ad blocker installed.

I have had adblocker disabled for Roll20 for a while now, could it still cause issues?

Which ad blocker? You could try disabling it completely and see if the issue goes away to eliminate it as a possibility.

Ian O. said: I'm not sure what to show so you could help, so I copied the text in red to see if it would help. Refused to execute JavaScript URL because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' Failed to load resource: net::ERR_BLOCKED_BY_CLIENT Failed to load resource: the server responded with a status of 403 (Forbidden) x2 I'm not sure now. because all that points to a setting on your computer. The first line states your browser refused to run javascript url because it tripped a security policy. The other two fall from that. the second line: blocked by client is from the first like not running javascript, the last one is because of the second one. What operating system are you using? You said you are using chrome. I use Win7 and chrome. If you use win7 try going to your control panel then internet options and look at your various settings in that. I have most of mine set for medium or medium high.

Refused to execute JavaScript URL because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval This is likely the New Relic instrumentation script being denied. There was a thread a while back discussing it. Probably there are two of these at the top of the console log. Failed to load resource: net::ERR_BLOCKED_BY_CLIENT Failed to load resource: the server responded with a status of 403 (Forbidden) x2 These probably occurred much further down and are likely the actual problem. Ian O.: Do you think you could open up the console, select everything with Ctrl-A (Cmd-A on a mac), copy it, and paste it into a message here? (preferable formatted as code.) Full instructions: <a href="https://wiki.roll20.net/Solving_Technical_Issues#S" rel="nofollow">https://wiki.roll20.net/Solving_Technical_Issues#S</a>...

Aaron said: Refused to execute JavaScript URL because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval This is likely the New Relic instrumentation script being denied. There was a thread a while back discussing it. Probably there are two of these at the top of the console log. Failed to load resource: net::ERR_BLOCKED_BY_CLIENT Failed to load resource: the server responded with a status of 403 (Forbidden) x2 These probably occurred much further down and are likely the actual problem. Ian O.: Do you think you could open up the console, select everything with Ctrl-A (Cmd-A on a mac), copy it, and paste it into a message here? (preferable formatted as code.) Full instructions: <a href="https://wiki.roll20.net/Solving_Technical_Issues#S" rel="nofollow">https://wiki.roll20.net/Solving_Technical_Issues#S</a>... Here is what is in the console Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' https://*.googlesyndication.com https://*.doubleclick.net <a href="https://partner.googleadservices.com" rel="nofollow">https://partner.googleadservices.com</a> <a href="https://www.googletagservices.com" rel="nofollow">https://www.googletagservices.com</a> <a href="https://ssl.google-analytics.com" rel="nofollow">https://ssl.google-analytics.com</a> <a href="https://ajax.googleapis.com" rel="nofollow">https://ajax.googleapis.com</a> <a href="https://d3clqjduf2gvxg.cloudfront.net" rel="nofollow">https://d3clqjduf2gvxg.cloudfront.net</a> <a href="https://cdn.firebase.com" rel="nofollow">https://cdn.firebase.com</a> https://*.firebaseio.com https://*.tokbox.com https://*.opentok.com <a href="http://static.opentok.com" rel="nofollow">http://static.opentok.com</a>". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. app.roll20.net/editor/:8Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' https://*.googlesyndication.com https://*.doubleclick.net <a href="https://partner.googleadservices.com" rel="nofollow">https://partner.googleadservices.com</a> <a href="https://www.googletagservices.com" rel="nofollow">https://www.googletagservices.com</a> <a href="https://ssl.google-analytics.com" rel="nofollow">https://ssl.google-analytics.com</a> <a href="https://ajax.googleapis.com" rel="nofollow">https://ajax.googleapis.com</a> <a href="https://d3clqjduf2gvxg.cloudfront.net" rel="nofollow">https://d3clqjduf2gvxg.cloudfront.net</a> <a href="https://cdn.firebase.com" rel="nofollow">https://cdn.firebase.com</a> https://*.firebaseio.com https://*.tokbox.com https://*.opentok.com <a href="http://static.opentok.com" rel="nofollow">http://static.opentok.com</a>". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. app.roll20.net/editor/:970TOUCH SUPPORTED: falseUSING WEBGL ACCELERATION...selectSwitch mode to selectInitializing new dice engine with randomness...Using random entropyUnable to start up OpenTok!Compiling sheet...The page at '<a href="https://app.roll20.net/editor/" rel="nofollow">https://app.roll20.net/editor/</a>' was loaded over HTTPS, but displayed insecure content from '<a href="http://imgsrv.roll20.net:5100/?src=paizo.com/image/content/Logos/PathfinderRPGLogo_500.jpeg" rel="nofollow">http://imgsrv.roll20.net:5100/?src=paizo.com/image/content/Logos/PathfinderRPGLogo_500.jpeg</a>': this content should also be loaded over HTTPS. app.roll20.net/editor/:1Finding sheet rolls...'Attr.nodeValue' is deprecated. Please use 'value' instead.window resizeFinal set zoom!UPDATE GL SIZE!Final set zoom!tuts loadedFinal page load.Scan for new plays!2Refused to execute JavaScript URL because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' https://*.googlesyndication.com https://*.doubleclick.net <a href="https://partner.googleadservices.com" rel="nofollow">https://partner.googleadservices.com</a> <a href="https://www.googletagservices.com" rel="nofollow">https://www.googletagservices.com</a> <a href="https://ssl.google-analytics.com" rel="nofollow">https://ssl.google-analytics.com</a> <a href="https://ajax.googleapis.com" rel="nofollow">https://ajax.googleapis.com</a> <a href="https://d3clqjduf2gvxg.cloudfront.net" rel="nofollow">https://d3clqjduf2gvxg.cloudfront.net</a> <a href="https://cdn.firebase.com" rel="nofollow">https://cdn.firebase.com</a> https://*.firebaseio.com https://*.tokbox.com https://*.opentok.com <a href="http://static.opentok.com" rel="nofollow">http://static.opentok.com</a>". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. about:blank:1Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' https://*.googlesyndication.com https://*.doubleclick.net <a href="https://partner.googleadservices.com" rel="nofollow">https://partner.googleadservices.com</a> <a href="https://www.googletagservices.com" rel="nofollow">https://www.googletagservices.com</a> <a href="https://ssl.google-analytics.com" rel="nofollow">https://ssl.google-analytics.com</a> <a href="https://ajax.googleapis.com" rel="nofollow">https://ajax.googleapis.com</a> <a href="https://d3clqjduf2gvxg.cloudfront.net" rel="nofollow">https://d3clqjduf2gvxg.cloudfront.net</a> <a href="https://cdn.firebase.com" rel="nofollow">https://cdn.firebase.com</a> https://*.firebaseio.com https://*.tokbox.com https://*.opentok.com <a href="http://static.opentok.com" rel="nofollow">http://static.opentok.com</a>". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. app.roll20.net/editor/:1Auth'ed.Go post auth!initial setupGot players value...joining game...ERROR: NO EXISTING PLAYERNo active player, returning...Player -JDHLLHTXPfR8uCPe745 is offline...4Full load page!We have 4 pagesRefused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' https://*.googlesyndication.com https://*.doubleclick.net <a href="https://partner.googleadservices.com" rel="nofollow">https://partner.googleadservices.com</a> <a href="https://www.googletagservices.com" rel="nofollow">https://www.googletagservices.com</a> <a href="https://ssl.google-analytics.com" rel="nofollow">https://ssl.google-analytics.com</a> <a href="https://ajax.googleapis.com" rel="nofollow">https://ajax.googleapis.com</a> <a href="https://d3clqjduf2gvxg.cloudfront.net" rel="nofollow">https://d3clqjduf2gvxg.cloudfront.net</a> <a href="https://cdn.firebase.com" rel="nofollow">https://cdn.firebase.com</a> https://*.firebaseio.com https://*.tokbox.com https://*.opentok.com <a href="http://static.opentok.com" rel="nofollow">http://static.opentok.com</a>". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. app.roll20.net/editor/:1Player -JSVsDfm6BQsnmg7qCOw is offline...Player -JSa3B9xZE8egpgp4XU1 is offline...Player -JSVqhEbbUOXJXLPr4ZD is offline...Player -JSXmU7ULuKluQudUwUV is offline...Swapping <a href="https://s3.amazonaws.com/files.d20.io/images/3357726/4aJAfkwNaNQXXaHcvvfcVQ/thumb.jpg?13944133465" rel="nofollow">https://s3.amazonaws.com/files.d20.io/images/3357726/4aJAfkwNaNQXXaHcvvfcVQ/thumb.jpg?13944133465</a> to <a href="https://s3.amazonaws.com/files.d20.io/images/3357726/4aJAfkwNaNQXXaHcvvfcVQ/original.jpg?13944133465Failed" rel="nofollow">https://s3.amazonaws.com/files.d20.io/images/3357726/4aJAfkwNaNQXXaHcvvfcVQ/original.jpg?13944133465Failed</a> to load resource: the server responded with a status of 403 (Forbidden) <a href="https://s3.amazonaws.com/files.d20.io/images/2744116/rvkUIVhMjDMoyfYsBagLYg/med.jpg?13897317205Error" rel="nofollow">https://s3.amazonaws.com/files.d20.io/images/2744116/rvkUIVhMjDMoyfYsBagLYg/med.jpg?13897317205Error</a> loading image, probably due to cors. Trying once without CORS for <a href="https://s3.amazonaws.com/files.d20.io/images/2744116/rvkUIVhMjDMoyfYsBagLYg/med.jpg?1389731720setting" rel="nofollow">https://s3.amazonaws.com/files.d20.io/images/2744116/rvkUIVhMjDMoyfYsBagLYg/med.jpg?1389731720setting</a> srcCols: 2 Rows: 2Took 74ms to generate cache.Failed to load resource: the server responded with a status of 403 (Forbidden) <a href="https://s3.amazonaws.com/files.d20.io/images/2744116/rvkUIVhMjDMoyfYsBagLYg/med.jpg?1389731720Reorder" rel="nofollow">https://s3.amazonaws.com/files.d20.io/images/2744116/rvkUIVhMjDMoyfYsBagLYg/med.jpg?1389731720Reorder</a> by ZORDERwindow resize app.js?1405432738:35Final set zoom! app.js?1405432738:23UPDATE GL SIZE! app.js?1405432738:23Final set zoom!

Pat S. said: Ian O. said: I'm not sure what to show so you could help, so I copied the text in red to see if it would help. Refused to execute JavaScript URL because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' Failed to load resource: net::ERR_BLOCKED_BY_CLIENT Failed to load resource: the server responded with a status of 403 (Forbidden) x2 I'm not sure now. because all that points to a setting on your computer. The first line states your browser refused to run javascript url because it tripped a security policy. The other two fall from that. the second line: blocked by client is from the first like not running javascript, the last one is because of the second one. What operating system are you using? You said you are using chrome. I use Win7 and chrome. If you use win7 try going to your control panel then internet options and look at your various settings in that. I have most of mine set for medium or medium high. I am using a Windows 8. To be honest, this OS has given me nothing but problems.

Those 2 "403 (forbidden)"s near the end are just images, so wouldn't prevent you from joining a campaign. The "Refused to execute inline script" entries toward the top are probably these: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' https://*.googlesyndication.com https://*.doubleclick.net https://*.googlesyndication.com <a href="https://www.googletagservices.com" rel="nofollow">https://www.googletagservices.com</a> https://*.googlesyndication.com <a href="https://ajax.googleapis.com" rel="nofollow">https://ajax.googleapis.com</a> https://*.googlesyndication.com <a href="https://cdn.firebase.com" rel="nofollow">https://cdn.firebase.com</a> https://*.googlesyndication.com https://*.tokbox.com https://*.googlesyndication.com <a href="http://static.opentok.com" rel="nofollow">http://static.opentok.com</a>". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. app.roll20.net/:8 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' https://*.googlesyndication.com https://*.doubleclick.net https://*.googlesyndication.com <a href="https://www.googletagservices.com" rel="nofollow">https://www.googletagservices.com</a> https://*.googlesyndication.com <a href="https://ajax.googleapis.com" rel="nofollow">https://ajax.googleapis.com</a> https://*.googlesyndication.com <a href="https://cdn.firebase.com" rel="nofollow">https://cdn.firebase.com</a> https://*.googlesyndication.com https://*.tokbox.com https://*.googlesyndication.com <a href="http://static.opentok.com" rel="nofollow">http://static.opentok.com</a>". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. app.roll20.net/:9 If you look at the actual code, you can see these are just NewRelic.com's instrumentation scripts: &lt;script type="text/javascript"&gt;window. NREUM ||( NREUM ={}); NREUM .info={"beacon":"beacon-6.newrelic.com","errorBeacon":"bam.nr-data.net","licenseKey":"50a61d60f7","applicationID":"1985886","transactionName":"cl0MRkRXVFxdFBZqW19TFkBXF3wCCEl+fGYRVwZbQldK","queueTime":0,"applicationTime":44,"ttGuid":"","agentToken":null,"agent":"js-agent. newrelic.com /nr-411.min.js"}&lt;/script&gt; &lt;script type="text/javascript"&gt;window. NREUM ||( NREUM ={}),__nr_require=function(t,n,e){function r(e){if(!n[e]){var o=n[e]={exports:{}};t[e][0].call(o.exports,function(n){var o=t[e][1][n];return r(o?o:n)},o,o.exports)}return n[e].exports}if("function"==typeof __nr_require)return __nr_require;for(var o=0;o&lt;e.length;o++)r(e[o]);return r}({D5DuLP:[function(t,n){function e(t,n){var e=r[t];return e?e.apply(this,n):(o[t]||(o[t]=[]),void o[t].push(n))}var r={},o={};n.exports=e,e.queues=o,e.handlers=r},{}],handle:[function(t,n){n.exports=t("D5DuLP")},{}],G9z0Bl:[function(t,n){function e(){var t=l.info= NREUM .info;if(t&&t.agent&&t.licenseKey&&t.applicationID&&p&&p.body){l.proto="https"===f.split(":")[0]||t.sslForHttp?"https://":"http://",i("mark",["onload",a()]);var n=p.createElement("script");n.src=l.proto+t.agent,p.body.appendChild(n)}}function r(){"complete"===p.readyState&&o()}function o(){i("mark",["domContent",a()])}function a(){return(new Date).getTime()}var i=t("handle"),u=window,p=u.document,s="addEventListener",c="attachEvent",f=(""+location).split("?")[0],l=n.exports={offset:a(),origin:f,features:[]};p[s]?(p[s]("DOMContentLoaded",o,!1),u[s]("load",e,!1)):(p[c]("onreadystatechange",r),u[c]("onload",e)),i("mark",["firstbyte",a()])},{handle:"D5DuLP"}],loader:[function(t,n){n.exports=t("G9z0Bl")},{}]},{},["G9z0Bl"]);&lt;/script&gt; New Relic is a performance instrumentation service for websites, the failure of these to load just means that Roll20 isn't getting instrumentation data for performance right now. When they improved their Content Security Policy recently, that probably prevented these from working. This wouldn't affect your ability to join the campaign. I don't see the net::ERR_BLOCKED_BY_CLIENT in this log.

Aaron said: Those 2 "403 (forbidden)"s near the end are just images, so wouldn't prevent you from joining a campaign. The "Refused to execute inline script" entries toward the top are probably these: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' https://*.googlesyndication.com https://*.doubleclick.net https://*.googlesyndication.com <a href="https://www.googletagservices.com" rel="nofollow">https://www.googletagservices.com</a> https://*.googlesyndication.com <a href="https://ajax.googleapis.com" rel="nofollow">https://ajax.googleapis.com</a> https://*.googlesyndication.com <a href="https://cdn.firebase.com" rel="nofollow">https://cdn.firebase.com</a> https://*.googlesyndication.com https://*.tokbox.com https://*.googlesyndication.com <a href="http://static.opentok.com" rel="nofollow">http://static.opentok.com</a>". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. app.roll20.net/:8 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' https://*.googlesyndication.com https://*.doubleclick.net https://*.googlesyndication.com <a href="https://www.googletagservices.com" rel="nofollow">https://www.googletagservices.com</a> https://*.googlesyndication.com <a href="https://ajax.googleapis.com" rel="nofollow">https://ajax.googleapis.com</a> https://*.googlesyndication.com <a href="https://cdn.firebase.com" rel="nofollow">https://cdn.firebase.com</a> https://*.googlesyndication.com https://*.tokbox.com https://*.googlesyndication.com <a href="http://static.opentok.com" rel="nofollow">http://static.opentok.com</a>". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. app.roll20.net/:9 If you look at the actual code, you can see these are just NewRelic.com's instrumentation scripts: &lt;script type="text/javascript"&gt;window. NREUM ||( NREUM ={}); NREUM .info={"beacon":"beacon-6.newrelic.com","errorBeacon":"bam.nr-data.net","licenseKey":"50a61d60f7","applicationID":"1985886","transactionName":"cl0MRkRXVFxdFBZqW19TFkBXF3wCCEl+fGYRVwZbQldK","queueTime":0,"applicationTime":44,"ttGuid":"","agentToken":null,"agent":"js-agent. newrelic.com /nr-411.min.js"}&lt;/script&gt; &lt;script type="text/javascript"&gt;window. NREUM ||( NREUM ={}),__nr_require=function(t,n,e){function r(e){if(!n[e]){var o=n[e]={exports:{}};t[e][0].call(o.exports,function(n){var o=t[e][1][n];return r(o?o:n)},o,o.exports)}return n[e].exports}if("function"==typeof __nr_require)return __nr_require;for(var o=0;o&lt;e.length;o++)r(e[o]);return r}({D5DuLP:[function(t,n){function e(t,n){var e=r[t];return e?e.apply(this,n):(o[t]||(o[t]=[]),void o[t].push(n))}var r={},o={};n.exports=e,e.queues=o,e.handlers=r},{}],handle:[function(t,n){n.exports=t("D5DuLP")},{}],G9z0Bl:[function(t,n){function e(){var t=l.info= NREUM .info;if(t&&t.agent&&t.licenseKey&&t.applicationID&&p&&p.body){l.proto="https"===f.split(":")[0]||t.sslForHttp?"https://":"http://",i("mark",["onload",a()]);var n=p.createElement("script");n.src=l.proto+t.agent,p.body.appendChild(n)}}function r(){"complete"===p.readyState&&o()}function o(){i("mark",["domContent",a()])}function a(){return(new Date).getTime()}var i=t("handle"),u=window,p=u.document,s="addEventListener",c="attachEvent",f=(""+location).split("?")[0],l=n.exports={offset:a(),origin:f,features:[]};p[s]?(p[s]("DOMContentLoaded",o,!1),u[s]("load",e,!1)):(p[c]("onreadystatechange",r),u[c]("onload",e)),i("mark",["firstbyte",a()])},{handle:"D5DuLP"}],loader:[function(t,n){n.exports=t("G9z0Bl")},{}]},{},["G9z0Bl"]);&lt;/script&gt; New Relic is a performance instrumentation service for websites, the failure of these to load just means that Roll20 isn't getting instrumentation data for performance right now. When they improved their Content Security Policy recently, that probably prevented these from working. This wouldn't affect your ability to join the campaign. I don't see the net::ERR_BLOCKED_BY_CLIENT in this log. I don't know why the BLOCKED_BY_CLIENT stopped showing up, but I still can't connect to the campaign. I'm still getting the error code like in the original post, and it keeps me from going past the loading screen.

This one: NEP:-JSa63_TwpxdWOj0wGQ6 Is it always the same? -JSa63_TwpxdWOj0wGQ6 looks like a Resource ID. That's out of my depth to help debug, hopefully Riley will drop in and look at this...

It's the Path of the Dragonstar. Here is the details link.

Riley D. said: Give it a try now. I can get into the campaign now. Thank you so so so much!