Topic: CSP issue in MDB.js code
Bidhuri free asked 1 year ago
There should not be CSP issue due to MDB.js file code
*_MDB.js file contain some piece of code that causes CSP issue *_
Note : I am using below version of code
Version: MDB Pro 4.20.0
ISSUE : Content Security Policy of your site blocks the use of 'eval' in JavaScript`
Below highlighted code is written at two places which cause this issue .
try { // This works if eval is allowed (see CSP) g = g || Function("return this")() || (1, eval)("this");} catch (e) { // This works if the window reference is available if ((typeof window === "undefined" ? "undefined" : _typeof(window)) === "object") g = window;}
Kamila Pieńkowska staff answered 1 year ago
Thanks for letting us know, we will look into this.
Pr0udN3rd free commented 11 months ago
This has been brought to your attention years ago but nothing seems to have happened since.
https://mdbootstrap.com/support/jquery/remove-eval-functions-from-code/
Kamila Pieńkowska staff commented 11 months ago
That's not exactly true. jQuery package is a separate product with its own support team. We will fix this problem.
FREE CONSULTATION
Hire our experts to build a dedicated project. We'll analyze your business requirements, for free.
Answered
- ForumUser: Free
- Premium support: No
- Technology: MDB Standard
- MDB Version: MDB5 4.2.0
- Device: Laptop
- Browser: Chrome
- OS: window
- Provided sample code: No
- Provided link: No