CSP unsafe-eval

  • Resolved V.E.L

    (@vezraimanuel)


    5 years, 10 months ago

    Hi,

    can you guys update the JS to comply with CSP?

    CSP headers applied: script-src ‘strict-dynamic’ ‘nonce-h2qnTwraQWVPAtAeQ8mobwFLOcdXQsU5’;

    This is from the browser console:
    EvalError: call to Function() blocked by CSP tribe-events.min.js:1:4480
    Content Security Policy: The page’s settings blocked the loading of a resource at eval (“script-src”). tribe-events.min.js:1:4479

    The screenshot: https://i.imgur.com/hu7Lx6C.png

    Please note that WordPress itself works fine with this CSP header.

    thanks!

  • The topic ‘CSP unsafe-eval’ is closed to new replies.