Content Security Policy and script-src

  • Hi,

    I’m attempting to implement a Content Security Policy (CSP), but it appears that your plugin uses jquery.fancybox.min.js with an eval function, resulting in an error on my pages:

    EvalError: Refused to evaluate a string as JavaScript because ‘unsafe-eval’ is not an allowed source of script in the following Content Security Policy directive: “script-src ‘self'”

    Could you please advise on how to address this issue?

  • The topic ‘Content Security Policy and script-src’ is closed to new replies.