`Refused to execute inline script` error - Githubissues

ckeditor / github-writer

GitHub Writer - WYSIWYG Rich-Text Editor for GitHub, powered by CKEditor.

https://ckeditor.com/

Other

379 stars 61 forks source link

`Refused to execute inline script` error #342

Closed Dumluregn closed 2 years ago

Dumluregn commented 2 years ago

📝 Provide detailed reproduction steps (if any)

Build GH Writer from the source on master branch (hash: 74722ae0db942224d4888432cf9debbe263dd4b7).
Load Writer in Chrome.
Open any GH page where Writer should be loaded.

✔️ Expected result

No errors in the console.

❌ Actual result

The following error is visible in the console:

Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'wasm-unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-+8LOlD4PNi4YZAzooyUzYTZgNq70J7aV6CeuZT5R8hs='), or a nonce ('nonce-...') is required to enable inline execution.

Note that this does not break the writer.

❓ Possible solution

@mateuszzagorski suggested that it can be connected with the manifest changes done in #324.

The currently released version (1.9.0) is not affected.

If you'd like to see this fixed sooner, add a 👍 reaction to this post.

Dumluregn commented 2 years ago

And now I can confirm that after reverting the manifest change in 3e31fc5 (due to https://github.com/ckeditor/github-writer/pull/324#issuecomment-1176169356)) the error is not present, so when #320 is revisited let's pay attention and try to avoid this bug.