Open sorin-davidoi opened 3 years ago
Using the script-src directive without 'unsafe-eval' results in a violation:
script-src
'unsafe-eval'
Content Security Policy: The page's settings blocked the loading of a resource at eval ("script-src").
This is caused by the following line in http://static.filestackapi.com/filestack-js/3.17.0/filestack.min.js:
try{i=i||new Function("return this")()}catch(t)
While this doesn't seem to affect the functionality of the library, if one uses the report-uri directive it will result in useless HTTP requests being made.
report-uri
This is affecting us in production too. Is there any way to disable this unsafe-eval call?
unsafe-eval
Hello, same here !
Using the
script-src
directive without'unsafe-eval'
results in a violation:This is caused by the following line in http://static.filestackapi.com/filestack-js/3.17.0/filestack.min.js:
While this doesn't seem to affect the functionality of the library, if one uses the
report-uri
directive it will result in useless HTTP requests being made.