Verifiers UI are required to have unsafe-eval in their Content Security Policy (CSP) to use our library because we are using ajv compile at runtime. To have a more secure CSP, we will be compiling the schemas at build time instead.
there are two types of validation modes in our codebase - strict and non-strict; hence there are two compiled javascript functions file which caters for both scenarios.
removed compilation of schema during runtime to avoid the need for unsafe-eval on Verifiers UI
make use of the compiled schema javascript functions for validation
modified tsconfig.json to allowJs imports (to import the compiled files)
Context
unsafe-eval
in their Content Security Policy (CSP) to use our library because we are using ajv compile at runtime. To have a more secure CSP, we will be compiling the schemas at build time instead.What this PR does
strict
andnon-strict
; hence there are two compiled javascript functions file which caters for both scenarios.unsafe-eval
on Verifiers UItsconfig.json
toallowJs
imports (to import the compiled files)