Questions tagged [unsafe-inline]
20 questions
0
votes
0 answers
Content Security Policy script-src violated for inline event handlers in dhtmlx suite 4.2
I'm working on an app which is using dhtmlxSuite 4.2 and I was working on refactoring our code base in order to support Content Security Policy. For now, we are removing the 'unsafe-inline' and we are using a nonce to secure inline scripts.
Could…
vVv
- 1
- 1
0
votes
0 answers
Angular - hyperlink blocked by content-security-policy
I have an angular application, where the routes are defined in the left navigation bar as follows:
devC
- 1,384
- 5
- 32
- 56
0
votes
2 answers
How to use 'unsafe-inline' Content-Security-Policy in Vaadin?
I am developing an application with Vaadin and I use Content-Security-Policy in my BootstrapListener. When I test my application with OWASP ZAP, I have problem with script-src 'unsafe-inline' (medium risk). When I delete the 'unsafe-inline', my…
appvad
- 1
- 1
0
votes
0 answers
Patternlab: Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'none'"
I am the only frontend guy who gets the error when running Patternlab, while other devs seem to start it normally, I get the next error message (cross-browser)
I cannot seem to fix it no matter what I try, set up the project new, set up a new…
Nine
- 33
- 4
0
votes
1 answer
CSP solution for multiple inline scripts
So... CSP is implemented successfully on my site. However - my website use many inline scripts to redirect visitors depending on their HTML checkbox selections. In development, unsafe-inline has sufficed, but I'm now ready to go live and this is a…
seixwebdev
- 111
- 2
- 4
- 14