Drag and Drop from compendium fails

(I can't figure out how to move the picture, so I'll just leave it there...) Hello. I have a feeling this is a user error but I have spent two days trying to figure this out and I haven't been able to yet. I have already tried the 3 steps in&nbsp;Solving_Technical_Issues so now I am at step 4. When I try to drag and drop a NPC from the Pathfinder bestiary it doesn't fill in the stat block and just has a "Building NPC..." sign on the Character sheet. I get an entry on in Journal. The Bio &amp; Info is filled out, but the Character sheet is unusable.&nbsp; I reproduce it by starting up my game. Finding a creature I want from the compendium and dragging it onto the map. Browser:&nbsp; Chrome 81.0.4044.113 Operating System: Windows 10 64-bit Javascript enabled: Yes Antivirus: Bitdefender (I tried with it disabled) Browser add-ons: I disabled all of them and it still didn't work. Normally I have Adblocker and Google Docs Offline. Here is the Console Log: app.roll20.net/:12 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'nonce-AxfOxoftjFPTmOM1' <a href="http://cdn.inspectlet.com" rel="nofollow">http://cdn.inspectlet.com</a> https://*.googlesyndication.com https://*.doubleclick.net <a href="https://partner.googleadservices.com" rel="nofollow">https://partner.googleadservices.com</a> <a href="https://www.googletagservices.com" rel="nofollow">https://www.googletagservices.com</a> <a href="https://ssl.google-analytics.com" rel="nofollow">https://ssl.google-analytics.com</a> <a href="https://www.google-analytics.com" rel="nofollow">https://www.google-analytics.com</a> <a href="https://ajax.googleapis.com" rel="nofollow">https://ajax.googleapis.com</a> <a href="http://ajax.googleapis.com" rel="nofollow">http://ajax.googleapis.com</a> <a href="https://d3clqjduf2gvxg.cloudfront.net" rel="nofollow">https://d3clqjduf2gvxg.cloudfront.net</a> <a href="https://cdn.firebase.com" rel="nofollow">https://cdn.firebase.com</a> https://*.firebaseio.com https://*.tokbox.com https://*.opentok.com <a href="http://static.opentok.com" rel="nofollow">http://static.opentok.com</a> <a href="http://www.google-analytics.com" rel="nofollow">http://www.google-analytics.com</a> <a href="http://cdn.crowdin.com" rel="nofollow">http://cdn.crowdin.com</a> <a href="https://crowdin.com" rel="nofollow">https://crowdin.com</a> <a href="http://stun.l.google.com" rel="nofollow">http://stun.l.google.com</a>". Either the 'unsafe-inline' keyword, a hash ('sha256-LcTfowDjbm3Thy+pk+XkqxKvFRsGTRKR9X2bUbgypIM='), or a nonce ('nonce-...') is required to enable inline execution. app.roll20.net/:13 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'nonce-AxfOxoftjFPTmOM1' <a href="http://cdn.inspectlet.com" rel="nofollow">http://cdn.inspectlet.com</a> https://*.googlesyndication.com https://*.doubleclick.net <a href="https://partner.googleadservices.com" rel="nofollow">https://partner.googleadservices.com</a> <a href="https://www.googletagservices.com" rel="nofollow">https://www.googletagservices.com</a> <a href="https://ssl.google-analytics.com" rel="nofollow">https://ssl.google-analytics.com</a> <a href="https://www.google-analytics.com" rel="nofollow">https://www.google-analytics.com</a> <a href="https://ajax.googleapis.com" rel="nofollow">https://ajax.googleapis.com</a> <a href="http://ajax.googleapis.com" rel="nofollow">http://ajax.googleapis.com</a> <a href="https://d3clqjduf2gvxg.cloudfront.net" rel="nofollow">https://d3clqjduf2gvxg.cloudfront.net</a> <a href="https://cdn.firebase.com" rel="nofollow">https://cdn.firebase.com</a> https://*.firebaseio.com https://*.tokbox.com https://*.opentok.com <a href="http://static.opentok.com" rel="nofollow">http://static.opentok.com</a> <a href="http://www.google-analytics.com" rel="nofollow">http://www.google-analytics.com</a> <a href="http://cdn.crowdin.com" rel="nofollow">http://cdn.crowdin.com</a> <a href="https://crowdin.com" rel="nofollow">https://crowdin.com</a> <a href="http://stun.l.google.com" rel="nofollow">http://stun.l.google.com</a>". Either the 'unsafe-inline' keyword, a hash ('sha256-/XHNKTzdVLpPBcMgsOl9LN6PEC5ufZbaLdoU14BWKr0='), or a nonce ('nonce-...') is required to enable inline execution. jquery.migrate.js:20 JQMIGRATE: Logging is active app.roll20.net/:15 CAMPAIGN ID: 6840834 app.js?1586964336:552 70 app.js?1586964336:554 TOUCH SUPPORTED: false app.js?1586964336:554 USING WEBGL ACCELERATION... app.js?1586964336:554 WEBGL STARTUP SUCCESS app.js?1586964336:556 Custom Sheet Translation app.js?1586964336:574 Loading Custom character sheet. app.js?1586964336:574 Including compendium template css. tutorial_tips.js:7 tuts loaded app.roll20.net/:1 [DOM] Found 2 elements with non-unique id #color_value: (More info: <a href="https://goo.gl/9p2vKq" rel="nofollow">https://goo.gl/9p2vKq</a>) &lt;input type=​"text" size=​"8" id=​"color_value"&gt;​ &lt;input type=​"text" size=​"8" id=​"color_value"&gt;​ app.js?1586964336:563 Final page load. sheetsandboxworker.js?1587006155281:682 Starting up WEB WORKER app.js?1586964336:561 Auth'ed. app.js?1586964336:561 Go post auth! app.js?1586964336:561 initial setup app.js?1586964336:561 joining game... app.js?1586964336:559 Player -M4b0JMDXSXp4JzPOwby is offline... app.js?1586964336:559 Player -M4jjKP1MzhD_WBVpmFE is offline... app.js?1586964336:559 Player -M4t1treDUiyvQyqu2hy is offline... app.js?1586964336:561 Deferred finish joining... app.js?1586964336:552 Firebase Online 10app.js?1586964336:558 Full load page! app.js?1586964336:561 We have 10 pages sheetsandboxworker.js?1587006155271:682 Starting up WEB WORKER app.roll20.net/:1 [DOM] Found 11 elements with non-unique id #color_value: (More info: <a href="https://goo.gl/9p2vKq" rel="nofollow">https://goo.gl/9p2vKq</a>) &lt;input type=​"text" size=​"8" id=​"color_value"&gt;​ &lt;input type=​"text" size=​"8" id=​"color_value"&gt;​ &lt;input type=​"text" size=​"8" id=​"color_value"&gt;​ &lt;input type=​"text" size=​"8" id=​"color_value"&gt;​ &lt;input type=​"text" size=​"8" id=​"color_value"&gt;​ &lt;input type=​"text" size=​"8" id=​"color_value"&gt;​ &lt;input type=​"text" size=​"8" id=​"color_value"&gt;​ &lt;input type=​"text" size=​"8" id=​"color_value"&gt;​ &lt;input type=​"text" size=​"8" id=​"color_value"&gt;​ &lt;input type=​"text" size=​"8" id=​"color_value"&gt;​ &lt;input type=​"text" size=​"8" id=​"color_value"&gt;​ 2thumb.png:1 Failed to load resource: the server responded with a status of 403 (Forbidden) app.js?1586964336:576 Compendium item dropped onto canvas! jquery-1.9.1.js:507 Uncaught Error: cannot call methods on dialog prior to initialization; attempted to call method 'option' &nbsp; &nbsp; at Function.error (jquery-1.9.1.js:507) &nbsp; &nbsp; at HTMLDivElement.&lt;anonymous&gt; (jquery-ui.1.9.0.custom.min.js?1530038378:520) &nbsp; &nbsp; at Function.each (jquery-1.9.1.js:648) &nbsp; &nbsp; at jQuery.fn.init.each (jquery-1.9.1.js:270) &nbsp; &nbsp; at jQuery.fn.init.$.fn.&lt;computed&gt; [as dialog] (jquery-ui.1.9.0.custom.min.js?1530038378:516) &nbsp; &nbsp; at Worker.&lt;anonymous&gt; (app.js?1586964336:575) app.js?1586964336:576 No default token, falling back to generic token 2DevTools failed to load SourceMap: Could not load content for <a href="https://app.roll20.net/js/d20/underscore-min.map" rel="nofollow">https://app.roll20.net/js/d20/underscore-min.map</a>: HTTP error: status code 404, net::ERR_HTTP_RESPONSE_CODE_FAILURE

Fixed! The issue was that I had the "Use window popouts for characters" checkbox checked in the settings. The NPCs seem to have trouble populating the character sheet in a popout and so when I turned off that setting it immediately set up the character sheet for me (for new NPCs).

Yes, when a character sheet is "popped out", it doesn't have quite all functionalities as when integrated. See here for more info: <a href="https://wiki.roll20.net/Character_Sheets#Character_Sheet_in_a_separate_window" rel="nofollow">https://wiki.roll20.net/Character_Sheets#Character_Sheet_in_a_separate_window</a>