'unsafe-eval'
hi guys i have an issue with js 'unsafe-eval', just a fresh installation (l12 & f4) and follow first steps...how do you manage it?
1 Reply
found that i had security headers on my nginx:
Security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
removing last one, removes the issues...