Topic: CSP issue in MDB.js code

Bidhuri free asked 1 year ago

There should not be CSP issue due to MDB.js file code

*_MDB.js file contain some piece of code that causes CSP issue *_

Note : I am using below version of code

Version: MDB Pro 4.20.0

ISSUE : Content Security Policy of your site blocks the use of 'eval' in JavaScript`

Below highlighted code is written at two places which cause this issue .

try { // This works if eval is allowed (see CSP) g = g || Function("return this")() || (1, eval)("this");} catch (e) { // This works if the window reference is available if ((typeof window === "undefined" ? "undefined" : _typeof(window)) === "object") g = window;}

Kamila Pieńkowska staff answered 1 year ago

Thanks for letting us know, we will look into this.

Pr0udN3rd free commented 1 year ago

This has been brought to your attention years ago but nothing seems to have happened since.

Kamila Pieńkowska staff commented 1 year ago

That's not exactly true. jQuery package is a separate product with its own support team. We will fix this problem.

Please insert min. 20 characters.


Hire our experts to build a dedicated project. We'll analyze your business requirements, for free.



Specification of the issue

  • ForumUser: Free
  • Premium support: No
  • Technology: MDB Standard
  • MDB Version: MDB5 4.2.0
  • Device: Laptop
  • Browser: Chrome
  • OS: window
  • Provided sample code: No
  • Provided link: No