Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Content Security Policy restrictions workaround #1263
Maybe this issue can be fixed by changing some functions.
// Check for css support
referenced this pull request
Oct 27, 2014
Cross Post From StackOverflow.
I am attempting to use the new Content Security Policy (CSP) HTTP headers on a test site. When I use CSP in conjunction with Modernizr I get CSP violation errors. This is the CSP policy I am using:
These are the errors from the Chrome browser console:
This workaround was first put forward in March, is there no more progress in getting this issue resolved. There is a comment in the StackOverflow question in which someone suggests taking a look at AngularJS as they have full support for CSP.
I know that I can include the unsafe-inline directive which can get around this error but this also enables unsafe code to run and negates the use of CSP in the first place. Does anyone have any solutions.