Topic: CSP issue in MDB.js code

Bidhuri free asked 1 year ago

There should not be CSP issue due to MDB.js file code

*_MDB.js file contain some piece of code that causes CSP issue *_

Note : I am using below version of code

Version: MDB Pro 4.20.0

ISSUE : Content Security Policy of your site blocks the use of 'eval' in JavaScript`

Below highlighted code is written at two places which cause this issue .

try { // This works if eval is allowed (see CSP) g = g || Function("return this")() || (1, eval)("this");} catch (e) { // This works if the window reference is available if ((typeof window === "undefined" ? "undefined" : _typeof(window)) === "object") g = window;}

Kamila Pieńkowska staff answered 1 year ago

Thanks for letting us know, we will look into this.

Pr0udN3rd free commented 11 months ago

This has been brought to your attention years ago but nothing seems to have happened since.

Kamila Pieńkowska staff commented 11 months ago

That's not exactly true. jQuery package is a separate product with its own support team. We will fix this problem.

Please insert min. 20 characters.


Hire our experts to build a dedicated project. We'll analyze your business requirements, for free.



Specification of the issue

  • ForumUser: Free
  • Premium support: No
  • Technology: MDB Standard
  • MDB Version: MDB5 4.2.0
  • Device: Laptop
  • Browser: Chrome
  • OS: window
  • Provided sample code: No
  • Provided link: No