Open Mrlten opened 1 month ago
Thanks for filing this issue @Mrlten, and thank you for the minimal repro, we were able to reproduce the issue locally.
I am moving this issue for better triaging to where the @azure/communication-calling
lives.
@JamesBurnside thanks for moving it to the correct repository!
Describe the bug; what happened? Enabling the
BackgroundBlurEffect
(from@azure/communication-calling-effects
) requires you to haveunsafe-eval
added to the Content Security Policy header. Without it, the background blur can't start and videocalling will fail.Having to enable
unsafe-eval
could become a security issue because it opens up a lot of options for hackers. Maybe not with the ACS packages but you never know with other packages developers use in their apps.@azure/communication-calling-effects
is still in beta but I hope you can remove the need foreval / new Function(...)
.What are the steps to reproduce the issue?
acsbackgroundblur.client/src/App.tsx
and set theuserId/token
with valid data from your Azure Communication Servicenpm run dev
What behavior did you expect? The ability to use
BackgroundBlurEffect
without the need forunsafe-eval
in the Content Security Policy.If applicable, provide screenshots: n/a
In what environment did you see the issue?
@azure/communication-react
npm package version (if applicable): 1.17.0@azure/communication-calling
npm package version (if applicable): 1.26.2@azure/communication-calling-effects
npm package version (if applicable): 1.0.1OS & Device: Windows on PC
Browser: Microsoft Edge, Google Chrome
Browser Version: Edge: 126.0.2592.113, Chrome: 126.0.6478.128
Is there any additional information? n/a