How can I block these random scripts that are injected through google ads?
This is not perfect, but it seems to be very effective in my case (all pages are SSL) and also prevent SSL mixed mode messages caused by google ads third party plugin scripts...
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests; object-src 'none'">
Content-Security-Policy is critical to prevent mixed content errors (too many errors can show a "connection not secure" by the browser and memory leaks) https://blog.cloudflare.com/fixing-the-mixed-content-problem-with-automatic-https-rewrites and How does Content Security Policy work?
©2020 All rights reserved.