PVince81
commented
2 years ago or switch to a different loader that doesn't require eval...
Open PVince81 opened 2 years ago
PVince81
commented
2 years ago or switch to a different loader that doesn't require eval...
PVince81
commented
2 years ago I managed to temporarily hack the CSP rules to move forward, and now the next error:
v1r0x
commented
2 years ago I'm wondering if we should allow to disable loaders in the configuration, this way if someone is not using formats like IFC they could disable it and bypass the security concerns.
I wouldn't add configuration for each loader. Instead I'd add a setting to enable/disable all loaders that e.g. require eval or any other kind of additional configuration
[ ] requires https://github.com/v1r0x/files_3d/pull/59 to be merged first to get latest three JS
[ ] loader is not working due to unsafe-eval:
I'm wondering if we should allow to disable loaders in the configuration, this way if someone is not using formats like IFC they could disable it and bypass the security concerns.