https://community.spotify.com/t5/Spotify-for-Developers/Iframe-api-unsafe-eval/m-p/6051775#M13778 <P><STRONG>Plan</STRONG></P><P>Free/Premium</P><P><STRONG>Country</STRONG></P><P>Denmark</P><P><STRONG>Device</STRONG></P><P><SPAN>Websites on chrome</SPAN></P><P><STRONG>My Question or Issue</STRONG></P><P>When using the iframeapi it will not work unless you allow unsafe-eval in your CSP which is a no-go for most websites.<BR /><BR />from the console:</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><LI-CODE lang="markup">Uncaught EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' open.spotify.com embed-cdn.spotifycdn.com *.g.doubleclick.net". </LI-CODE><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Mon, 06 May 2024 07:25:07 GMT icew1nd 2024-05-06T07:25:07Z https://community.spotify.com/t5/Spotify-for-Developers/Iframe-api-unsafe-eval/m-p/6051775#M13778 <P><STRONG>Plan</STRONG></P><P>Free/Premium</P><P><STRONG>Country</STRONG></P><P>Denmark</P><P><STRONG>Device</STRONG></P><P><SPAN>Websites on chrome</SPAN></P><P><STRONG>My Question or Issue</STRONG></P><P>When using the iframeapi it will not work unless you allow unsafe-eval in your CSP which is a no-go for most websites.<BR /><BR />from the console:</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><LI-CODE lang="markup">Uncaught EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' open.spotify.com embed-cdn.spotifycdn.com *.g.doubleclick.net". </LI-CODE><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Mon, 06 May 2024 07:25:07 GMT https://community.spotify.com/t5/Spotify-for-Developers/Iframe-api-unsafe-eval/m-p/6051775#M13778 icew1nd 2024-05-06T07:25:07Z