EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive

AlaSQL / alasql

AlaSQL.js - JavaScript SQL database for browser and Node.js. Handles both traditional relational tables and nested JSON data (NoSQL). Export, store, and import data from localStorage, IndexedDB, or Excel.

http://alasql.org

MIT License

6.98k stars 649 forks source link

EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive #1861

Closed elangoRamar closed 6 months ago

elangoRamar commented 6 months ago

I am trying to use alasql in an browser environment, when i try to load the script which has alasql bundled within it is giving

EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive

Based on content security policy we can't use those JS functions mentioned in this link

It seems alasql is using new Function() which triggers the CSP error. how can we resolve this?

mathiasrw commented 6 months ago

AlaSQL is built around creating code. for new functions. If you are not allowed to create new functions then AlaSQL cant help you (until we made a version that preprocesses the functions as part of the build step - but we are not there yet)

githorse commented 5 months ago

Duplicates #1482, #1489, and #1667.