Closed RuiMadeira closed 2 years ago
Hi,
Thanks for reporting this - we are aware of this issue and it's been fixed and will be available in our next release, currently scheduled for next week.
Our reference for this issue is AG-AG-6968.
thanks
Hi!
Thank you very much for the response. Looking forward to the release then.
Thanks
Hi,
Version 28.1.0 have AG-Grid has been released, which includes a fix for this issue.
Thank you for reporting this.
I'm submitting a ...
Providing a Reproducible Scenario This is difficult to provide a reproducible scenario but basically is just building and deploying an app with version 28.0.0 of AG Grid, using also AG Grid Enterprise and then providing it through a server that serves a content-security-policy that doesn't allow the
eval
function (basically one without'unsafe-eval'
).Current behavior App won't load because of content-security-policy, giving out the error:
"Uncaught EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: [...]"
.Code causing the issue:
Expected behavior App loads and uses AG Grid as normal.
eval
function should not be used since it's a security risk: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/evalPlease tell us about your environment: Linux Mint 20.3 Cinnamon Visual Studio Code NPM AgGrid for Angular
AG Grid version: 28.0.0
Browser: Google Chrome
Language: TypeScript 4.7.4