I am getting a number of errors and warnings in my console.log even when I open a completely new and empty character sheet. Can anyone help with me the meanings and how I may be able to correct them - especially the one that is part of the character sheet coding we did ? ERROR: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' https://*.googlesyndication.com https://*.doubleclick.net <a href="https://partner.googleadservices.com" rel="nofollow">https://partner.googleadservices.com</a> <a href="https://www.googletagservices.com" rel="nofollow">https://www.googletagservices.com</a> <a href="https://ssl.google-analytics.com" rel="nofollow">https://ssl.google-analytics.com</a> <a href="https://www.google-analytics.com" rel="nofollow">https://www.google-analytics.com</a> <a href="https://ajax.googleapis.com" rel="nofollow">https://ajax.googleapis.com</a> <a href="http://ajax.googleapis.com" rel="nofollow">http://ajax.googleapis.com</a> <a href="https://d3clqjduf2gvxg.cloudfront.net" rel="nofollow">https://d3clqjduf2gvxg.cloudfront.net</a> <a href="https://cdn.firebase.com" rel="nofollow">https://cdn.firebase.com</a> https://*.firebaseio.com https://*.tokbox.com https://*.opentok.com <a href="http://static.opentok.com" rel="nofollow">http://static.opentok.com</a> <a href="http://www.google-analytics.com" rel="nofollow">http://www.google-analytics.com</a> <a href="http://cdn.crowdin.com" rel="nofollow">http://cdn.crowdin.com</a> <a href="https://crowdin.com" rel="nofollow">https://crowdin.com</a> <a href="http://stun.l.google.com" rel="nofollow">http://stun.l.google.com</a>". Either the 'unsafe-inline' keyword, a hash ('sha256-QX4CI/e5r69tjxlMTJ1UaTJnsTNfMLt4KqPov2Sl1WY='), or a nonce ('nonce-...') is required to enable inline execution. ERROR: Error in event handler for (unknown): TypeError: k.clipboard.setClipboard is not a function at chrome-extension://admmjipmmciaobhojoghlmleefbicajg/content/scripts/IDSWAX.js:22:492 ERROR: Access to Image at '<a href="http://imgsrv.roll20.net:5100/?src=fc06.deviantart.net/fs71/f/2012/096/b/b/german_soldier_study_by_zorrentos-d4v696y.jpg&cb=5" rel="nofollow">http://imgsrv.roll20.net:5100/?src=fc06.deviantart.net/fs71/f/2012/096/b/b/german_soldier_study_by_zorrentos-d4v696y.jpg&cb=5</a>' from origin '<a href="https://app.roll20.net" rel="nofollow">https://app.roll20.net</a>' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '<a href="https://app.roll20.net" rel="nofollow">https://app.roll20.net</a>' is therefore not allowed access. WARNING: (This is obviously part of the character sheet code, but I have about 20 of them) The specified value "[[(@{hit_points|max}) * -5]]" is not a valid number. The value must match to the following regular expression: -?(\d+|\d+\.\d+|\.\d+)([eE][-+]?\d+)? WARNING: 24 Mixed Content: The page at '<URL>' was loaded over HTTPS, but requested an insecure image '<URL>'. This content should also be served over HTTPS. One of the items listed under it: Mixed Content: The page at '<a href="https://app.roll20.net/editor/" rel="nofollow">https://app.roll20.net/editor/</a>' was loaded over HTTPS, but requested an insecure image '<a href="http://imgsrv.roll20.net/?src=raw.githubusercontent.com/Roll20/roll20-character-sheets/master/GURPS/Images/Speed_Range_Table.PNG" rel="nofollow">http://imgsrv.roll20.net/?src=raw.githubusercontent.com/Roll20/roll20-character-sheets/master/GURPS/Images/Speed_Range_Table.PNG</a>'. This content should also be served over HTTPS.
