Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

CSP Error


Level 1

ERROR EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

    at new Function (<anonymous>)

    at t.init (satelliteLib-3083d39de3b1695199f0f543f01765b031bcb8d7-staging.js:4)

    at Location._satellite.init.pageLoadRules.trigger.arguments (satelliteLib-3083d39de3b1695199f0f543f01765b031bcb8d7-staging.js:4)

    at satelliteLib-3083d39de3b1695199f0f543f01765b031bcb8d7-staging.js:3

    at satelliteLib-3083d39de3b1695199f0f543f01765b031bcb8d7-staging.js:3

    at Object.each (satelliteLib-3083d39de3b1695199f0f543f01765b031bcb8d7-staging.js:2)

    at b.executeCustomSetupFuns (satelliteLib-3083d39de3b1695199f0f543f01765b031bcb8d7-staging.js:3)

    at b.$trackPageView (satelliteLib-3083d39de3b1695199f0f543f01765b031bcb8d7-staging.js:3)

    at b.triggerCommand (satelliteLib-3083d39de3b1695199f0f543f01765b031bcb8d7-staging.js:2)

    at b.flushQueueExceptTrackLink (satelliteLib-3083d39de3b1695199f0f543f01765b031bcb8d7-staging.js:3)

Does anyone perhaps have a means to resolve this error?

It seems to fail irrespective of the variant attempted and the biggest issue seems to be the use of unsafe-eval and unsafe-inline.


"default-src 'self' 'unsafe-inline' * *; font-src 'self' data:; img-src 'self' data: *;"


script-src * data: https://xxxxxxxxxx 'unsafe-eval'; in the content-string to script-src * data: https://xxxxxx 'unsafe-inline' 'unsafe-eval';

0 Replies