Here's my console log, if it helps. app.roll20.net/:12 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' https://*.googlesyndication.com https://*.doubleclick.net https://*.googlesyndication.com <a href="https://www.googletagservices.com" rel="nofollow">https://www.googletagservices.com</a> https://*.googlesyndication.com <a href="https://www.google-analytics.com" rel="nofollow">https://www.google-analytics.com</a> https://*.googlesyndication.com <a href="http://ajax.googleapis.com" rel="nofollow">http://ajax.googleapis.com</a> https://*.googlesyndication.com <a href="https://cdn.firebase.com" rel="nofollow">https://cdn.firebase.com</a> https://*.googlesyndication.com https://*.tokbox.com https://*.googlesyndication.com <a href="http://static.opentok.com" rel="nofollow">http://static.opentok.com</a> https://*.googlesyndication.com <a href="http://cdn.crowdin.com" rel="nofollow">http://cdn.crowdin.com</a> https://*.googlesyndication.com <a href="http://stun.l.google.com" rel="nofollow">http://stun.l.google.com</a>". Either the 'unsafe-inline' keyword, a hash ('sha256-bH8BVB4FJrlhmtmVkpRqVBCH/pLU5S+6wWj/tHZBJDo='), or a nonce ('nonce-...') is required to enable inline execution. app.roll20.net/:13 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' https://*.googlesyndication.com https://*.doubleclick.net https://*.googlesyndication.com <a href="https://www.googletagservices.com" rel="nofollow">https://www.googletagservices.com</a> https://*.googlesyndication.com <a href="https://www.google-analytics.com" rel="nofollow">https://www.google-analytics.com</a> https://*.googlesyndication.com <a href="http://ajax.googleapis.com" rel="nofollow">http://ajax.googleapis.com</a> https://*.googlesyndication.com <a href="https://cdn.firebase.com" rel="nofollow">https://cdn.firebase.com</a> https://*.googlesyndication.com https://*.tokbox.com https://*.googlesyndication.com <a href="http://static.opentok.com" rel="nofollow">http://static.opentok.com</a> https://*.googlesyndication.com <a href="http://cdn.crowdin.com" rel="nofollow">http://cdn.crowdin.com</a> https://*.googlesyndication.com <a href="http://stun.l.google.com" rel="nofollow">http://stun.l.google.com</a>". Either the 'unsafe-inline' keyword, a hash ('sha256-L63+heK6EG4X6TwJqO7jUtAvhvnAIw9NscPSnRoAq+A='), or a nonce ('nonce-...') is required to enable inline execution. app.roll20.net/:1 Refused to load the script 'data:application/javascript;base64,KGZ1bmN0aW9uKCkgewoJLy8gaHR0cHM6Ly9kZXZlbG9wZXJzLmdvb2dsZS5jb20vYW5hbHl0aWNzL2Rldmd1aWRlcy9jb2xsZWN0aW9uL2FuYWx5dGljc2pzLwoJdmFyIG5vb3BmbiA9IGZ1bmN0aW9uKCkgewoJCTsKCX07Cgl2YXIgbm9vcG51bGxmbiA9IGZ1bmN0aW9uKCkgewoJCXJldHVybiBudWxsOwoJfTsKCS8vCgl2YXIgVHJhY2tlciA9IGZ1bmN0aW9uKCkgewoJCTsKCX07Cgl2YXIgcCA9IFRyYWNrZXIucHJvdG90eXBlOwoJcC5nZXQgPSBub29wZm47CglwLnNldCA9IG5vb3BmbjsKCXAuc2VuZCA9IG5vb3BmbjsKCS8vCgl2YXIgdyA9IHdpbmRvdywKCQlnYU5hbWUgPSB3Lkdvb2dsZUFuYWx5dGljc09iamVjdCB8fCAn...0gY2F0Y2ggKGV4KSB7CgkJfQoJfTsKCWdhLmNyZWF0ZSA9IGZ1bmN0aW9uKCkgewoJCXJldHVybiBuZXcgVHJhY2tlcigpOwoJfTsKCWdhLmdldEJ5TmFtZSA9IG5vb3BudWxsZm47CglnYS5nZXRBbGwgPSBmdW5jdGlvbigpIHsKCQlyZXR1cm4gW107Cgl9OwoJZ2EucmVtb3ZlID0gbm9vcGZuOwoJd1tnYU5hbWVdID0gZ2E7CgkvLyBodHRwczovL2dpdGh1Yi5jb20vZ29yaGlsbC91QmxvY2svaXNzdWVzLzMwNzUKCXZhciBkbCA9IHcuZGF0YUxheWVyOwoJaWYgKCBkbCBpbnN0YW5jZW9mIE9iamVjdCAmJiBkbC5oaWRlIGluc3RhbmNlb2YgT2JqZWN0ICYmIHR5cGVvZiBkbC5oaWRlLmVuZCA9PT0gJ2Z1bmN0aW9uJyApIHsKCQlkbC5oaWRlLmVuZCgpOwoJfQp9KSgpOw==' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' https://*.googlesyndication.com https://*.doubleclick.net https://*.googlesyndication.com <a href="https://www.googletagservices.com" rel="nofollow">https://www.googletagservices.com</a> https://*.googlesyndication.com <a href="https://www.google-analytics.com" rel="nofollow">https://www.google-analytics.com</a> https://*.googlesyndication.com <a href="http://ajax.googleapis.com" rel="nofollow">http://ajax.googleapis.com</a> https://*.googlesyndication.com <a href="https://cdn.firebase.com" rel="nofollow">https://cdn.firebase.com</a> https://*.googlesyndication.com https://*.tokbox.com https://*.googlesyndication.com <a href="http://static.opentok.com" rel="nofollow">http://static.opentok.com</a> https://*.googlesyndication.com <a href="http://cdn.crowdin.com" rel="nofollow">http://cdn.crowdin.com</a> https://*.googlesyndication.com <a href="http://stun.l.google.com" rel="nofollow">http://stun.l.google.com</a>". app.js:31 70 app.js:32 TOUCH SUPPORTED: false app.js:32 USING WEBGL ACCELERATION... app.js:32 WEBGL STARTUP SUCCESS app.js:33 Custom Sheet Translation app.js:26 select app.js:26 Switch mode to select app.js:43 Initializing new dice engine with randomness... app.js:43 Using random entropy app.js:46 Compiling sheet... app.js:46 Found rolltemplate: simple app.js:46 Found rolltemplate: atk app.js:46 Found rolltemplate: dmg app.js:46 Found rolltemplate: atkdmg app.js:46 Found rolltemplate: desc app.js:46 Found rolltemplate: spell app.js:46 Found rolltemplate: traits app.js:46 Found rolltemplate: npc app.js:46 Found rolltemplate: npcatk app.js:46 Found rolltemplate: npcdmg app.js:46 Found rolltemplate: npcaction app.js:46 Found webworker script app.js:46 Finding sheet rolls... app.js:48 window resize app.js:32 Final set zoom! app.js:32 UPDATE GL SIZE! app.js:32 Final set zoom! tutorial_tips.js:7 tuts loaded app.roll20.net/:1 Mixed Content: The page at ' <a href="https://app.roll20.net/editor/" rel="nofollow">https://app.roll20.net/editor/</a> ' was loaded over HTTPS, but requested an insecure image ' <a href="http://imgsrv.roll20.net/?src=raw.githubusercontent.com/Roll20/roll20-character-sheets/master/5th%2520Edition%2520OGL%2520by%2520Roll20/images/srd5_360.png" rel="nofollow">http://imgsrv.roll20.net/?src=raw.githubusercontent.com/Roll20/roll20-character-sheets/master/5th%2520Edition%2520OGL%2520by%2520Roll20/images/srd5_360.png</a> '. This content should also be served over HTTPS. app.roll20.net/:1 Mixed Content: The page at ' <a href="https://app.roll20.net/editor/" rel="nofollow">https://app.roll20.net/editor/</a> ' was loaded over HTTPS, but requested an insecure image ' <a href="http://imgsrv.roll20.net/?src=raw.githubusercontent.com/Roll20/roll20-character-sheets/master/5th%2520Edition%2520OGL%2520by%2520Roll20/images/weight_lbs.png" rel="nofollow">http://imgsrv.roll20.net/?src=raw.githubusercontent.com/Roll20/roll20-character-sheets/master/5th%2520Edition%2520OGL%2520by%2520Roll20/images/weight_lbs.png</a> '. This content should also be served over HTTPS. 3app.roll20.net/:1 Mixed Content: The page at ' <a href="https://app.roll20.net/editor/" rel="nofollow">https://app.roll20.net/editor/</a> ' was loaded over HTTPS, but requested an insecure image ' <a href="http://imgsrv.roll20.net/?src=i.imgur.com/ZgULBCp.png" rel="nofollow">http://imgsrv.roll20.net/?src=i.imgur.com/ZgULBCp.png</a> '. This content should also be served over HTTPS. sheetsandboxworker.js?20170926:sourcemap:260 Starting up WEB WORKER /js/d20/sheetsandboxworker.js?20170926:260 Starting up WEB WORKER app.js:38 Final page load. app.js:48 Refresh jukebox List! app.js:38 Scan for new plays! app.js:38 Auth'ed. app.js:38 Go post auth! app.js:38 initial setup app.js:48 Refresh jukebox List! app.js:36 T.s app.js:38 Got players value... app.js:38 joining game... 26app.js:35 Full load page! app.js:38 We have 26 pages app.js:36 Player -JxNU8XoMocuriuKQXHv is offline... app.js:36 Global Volume: 100=1 app.js:36 Player -Jz1ZKtfBWXZDOOqNL9J is offline... app.js:36 Player -JzrCJcLVPZwQKIy8HwM is offline... app.js:36 Player -K0x8bldAKdNudan4DT5 is offline... app.js:36 Player -K0xSY4EKHC1D5XNlsW3 is offline... app.js:36 Player -K0xTPQyKLIOderg4rGX is offline... app.js:36 Player -KlLR38wOw31c3ugFlfo is offline... app.js:38 Deferred finish joining... app.js:31 Firebase Online app.js:41 refershing page listings! app.js:46 Refresh Journal List! app.js:46 Search took 10ms app.js:38 handle page changes app.js:38 false app.js:33 189 app.js:38 init active page! app.js:35 activate page! app.js:35 FULLY ACTIVATE VIEWS FOR PAGE. app.js:34 Do refresh link cache! app.js:46 Refresh Journal List! app.js:46 Search took 57ms app.js:38 Scan for new plays! app.js:48 Refresh jukebox List! app.js:35 Swapping <a href="https://s3.amazonaws.com/files.d20.io/images/3339" rel="nofollow">https://s3.amazonaws.com/files.d20.io/images/3339</a>... to <a href="https://s3.amazonaws.com/files.d20.io/images/3339" rel="nofollow">https://s3.amazonaws.com/files.d20.io/images/3339</a>... app.js:35 Graphics: 57 app.js:35 Swapping <a href="https://s3.amazonaws.com/files.d20.io/images/3339" rel="nofollow">https://s3.amazonaws.com/files.d20.io/images/3339</a>... to <a href="https://s3.amazonaws.com/files.d20.io/images/3339" rel="nofollow">https://s3.amazonaws.com/files.d20.io/images/3339</a>... app.js:35 Paths: 21 app.js:35 Reorder by ZORDER app.js:41 refershing page listings! app.js:35 Swapping <a href="https://s3.amazonaws.com/files.d20.io/images/2693" rel="nofollow">https://s3.amazonaws.com/files.d20.io/images/2693</a>... to <a href="https://s3.amazonaws.com/files.d20.io/images/2693" rel="nofollow">https://s3.amazonaws.com/files.d20.io/images/2693</a>... app.js:35 Reorder by ZORDER 3app.js:35 setting src app.js:35 Reorder by ZORDER app.js:30 Cols: 1 Rows: 2 app.js:30 Took 1ms to generate cache. 2app.js:31 new caster! app.js?1507048753:48 window resize app.js?1507048753:32 Final set zoom! app.js?1507048753:32 UPDATE GL SIZE! app.js?1507048753:32 Final set zoom! I'm using Google Chrome, whatever the latest version is. My operating system is Windows 7. I don't know how to tell if javascript is enabled, but I can pan with the middle mouse button on every other site in the world, and it worked just fine up until last Tuesday on Roll20, for the several years I've used this site. My antivirus software is Kaspersky, and hasn't been changed for a while, and hasn't caused any problems on Roll20 before. My extensions on Chrome appear to be: uBlock Origin, Imagus, Google Slides, Google Sheets, Google Docs Offline, and Google Docs. No idea if any of that helps, but it was all part of the "Step 4" process. I'm looking forward to this being fixed, because, uhh... well... it kind of sucks. I've been panning around games in Roll20 using the middle mouse button for some ~3 years now. Kind of a tough habit to break. Also, I noticed that in that console log, the word "refreshing" is spelled wrong a few times. ... I don't know if that's relevant. Okay, bye.