There is also this warning in browser logs just before it fails: <script> source URI is not allowed in this document: “https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit&hl=en-GB”.

Hi John

What level of Enhanced Tracking Protection do you have set?

What happens when you turn it down to a lower level and reload that website?

Switched it off. Still fails in the same way

Current actions taken: Enhanced tracking protection: Switched off Disconnect add in: switched off for site Added stripe and the site in question that uses stripe to popup exceptions list Still fails. No idea why

Please don't make me use Chrome!

For the quickest idea I have, try to disable the Disconnect addon, restart Firefox & test again. It may be blocking that https://hcaptcha.com url that Stripe probably needs to make sure you're a human & not a bot.

Apologies for the frustrating experience on this one but the good news is, the error tells us it believes a ad blocker is the problem. So if you already flipped off a lot of the built-in Firefox Tracking Protection options & none of that fixed it. That leaves your addons as the last logical place this ad blocking could be coming from.

I took a really quick look at your addons & notice you have quite a few developer addons installed. Not saying all of these addons are to blame but if you could, try disabling all adblocking/tracker blocking addons similar to Disconnect. Close and reopen Firefox. And test a Stripe payment again. If it fails once more, go back & disable all your addons, shutdown & reopen Firefox & try a Stripe payment one more time. Hopefully it will be successful.

In the meantime, I'll look specifically for any other report of a Stripe payment failing & if the problematic addon or Firefox setting that caused it was found.

You can check for issues with Total Cookie Protection.

• https://support.mozilla.org/en-US/kb/total-cookie-protection-and-website-breakage-faq
• https://support.mozilla.org/en-US/kb/introducing-total-cookie-protection-standard-mode

Disabling Disconnect seemed to do the trick. THanks for your help

Awesome! Thanks for reporting back that fixed it. Hopefully Disconnect can update their lists to remove that hcaptcha.com domain because successfully making a payment should take priority over tracking concerns.

I seem to have found another complaint about this except it mentions a different captcha site called recaptcha.net: https://github.com/disconnectme/disconnect/issues/395

They could be closely related since the "Unblock Site" feature did not disable the blocking and the only fix was to completely disable the addon.

I've contacted them about the issue, hopefully they will look into it

I had a similar issue recently with hcaptcha & Paypal.

It appears that I had set network.http.referer.XOriginPolicy to 2. I had to reset it to the default (0) to make it work again – so that the script could access document.referrer and avoid trying to access window.location.ancestorOrigins (which is not implemented by Firefox).