Just in case anyone comes across the same problem, let me save you some time:
I use ACF in the Block editor to place scripts inside my articles (some kind of embedded tools from a third party). However on my live server I get a JSON Error in Gutenberg “Invalid Response” when I enter a script tag in this field and save the post.
It’s not because of wp_kses blocking this or anything similar. In my case I’ve had the Cloudflare WAF enabled on that domain and one rule (“XSS, HTML Injection – Script Tag”) blocks the API Calls, when a script tag is present.
(Generally smart, but in my case more of a nuisance)
This is only specific to Cloudflare users, but could also be helpful if you’re behind a different WAF like Sucuri etc.
