Iframe api unsafe-eval
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Plan
Free/Premium
Country
Denmark
Device
Websites on chrome
My Question or Issue
When using the iframeapi it will not work unless you allow unsafe-eval in your CSP which is a no-go for most websites.
from the console:
Uncaught EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' open.spotify.com embed-cdn.spotifycdn.com *.g.doubleclick.net".
Labels:
- Labels:
-
Possible Bug
Reply
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page