I have pasted the following code in the console to try to import jQuery:
var jq = document.createElement("script");
jq.src = "http://code.jquery.com/jquery-3.6.0.min.js";
document.getElementsByTagName("head")[0].appendChild(jq);
However this output is shown:
Loading failed for the <script> with source "http://code.jquery.com/jquery-3.6.0.min.js".
Content Security Policy: The page's settings blocked the loading of a resource at http://code.jquery.com/jquery-3.6.0.min.js ("script-src").
It would seem that I need to enable mixed content, as the MDN article says:
- Click the padlock icon in the address bar.
- Click the arrow in the Site Information panel.
- Click Disable protection for now.
However there is no Disable protection for now button, as if it has never attempted to load the mixed content.
Is this a bug? Why can't I enable mixed content in the console?
For security reasons, browsers stopped allowing content served through http from websites served through https.
So you can simply solve your issue by replacing "http://code.jquery.com/jquery-3.6.0.min.js" with "https://code.jquery.com/jquery-3.6.0.min.js".
More details in the documentation : https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content