Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: CSP with unsafe-eval detection with Trusted Types #27446

Merged
merged 1 commit into from Jan 25, 2021
Merged

fix: CSP with unsafe-eval detection with Trusted Types #27446

merged 1 commit into from Jan 25, 2021

Conversation

miniak
Copy link
Contributor

@miniak miniak commented Jan 22, 2021
edited

Description of Change

Fixes #27211
Need to use eval('') instead of new Function('') due to a bug in Trusted Types for function constructor.

Before:
Screen Shot 2021-01-22 at 6 05 07 AM
After:
Screen Shot 2021-01-22 at 6 05 23 AM

Checklist

Release Notes

Notes: Fixed CSP with unsafe-eval detection with Trusted Types.

@electron-cation electron-cation bot added the new-pr 🌱 PR opened in the last 24 hours label Jan 22, 2021
@miniak miniak changed the title fix: CSP with unsafe-eval detection with Trusted Types fix: CSP with unsafe-eval detection with Trusted Types Jan 22, 2021
@miniak miniak self-assigned this Jan 22, 2021
@miniak miniak added semver/none target/10-x-y semver/patch backwards-compatible bug fixes and removed semver/none labels Jan 22, 2021
@miniak miniak force-pushed the miniak/unsafe-eval-trusted-types branch 2 times, most recently from 2deeff3 to a49aa51 Compare January 22, 2021 05:43
@miniak miniak force-pushed the miniak/unsafe-eval-trusted-types branch from a49aa51 to ec8334b Compare January 22, 2021 06:14
@miniak miniak force-pushed the miniak/unsafe-eval-trusted-types branch 3 times, most recently from 9971606 to 1c22dba Compare January 22, 2021 19:35
@miniak miniak force-pushed the miniak/unsafe-eval-trusted-types branch from 1c22dba to 6d8bcaf Compare January 22, 2021 20:03
@electron-cation electron-cation bot removed the new-pr 🌱 PR opened in the last 24 hours label Jan 23, 2021
@zcbenz zcbenz merged commit 64b7be7 into master Jan 25, 2021
@release-clerk
Copy link

release-clerk bot commented Jan 25, 2021

Release Notes Persisted

Fixed CSP with unsafe-eval detection with Trusted Types.

@zcbenz zcbenz deleted the miniak/unsafe-eval-trusted-types branch January 25, 2021 01:31
@trop
Copy link
Contributor

trop bot commented Jan 25, 2021

I was unable to backport this PR to "12-x-y" cleanly;
you will need to perform this backport manually.

@trop
Copy link
Contributor

trop bot commented Jan 25, 2021

I was unable to backport this PR to "9-x-y" cleanly;
you will need to perform this backport manually.

@trop trop bot removed the target/9-x-y label Jan 25, 2021
This was referenced Jan 25, 2021
Merged
Merged
@trop
Copy link
Contributor

trop bot commented Jan 25, 2021

I have automatically backported this PR to "10-x-y", please check out #27468

@trop
Copy link
Contributor

trop bot commented Jan 25, 2021

I have automatically backported this PR to "11-x-y", please check out #27469

miniak added a commit that referenced this pull request Jan 25, 2021
@miniak
fix: CSP with unsafe-eval detection with Trusted Types (#27446)
7ad4230
@miniak miniak mentioned this pull request Jan 25, 2021
Merged
@trop
Copy link
Contributor

trop bot commented Jan 25, 2021

@miniak has manually backported this PR to "12-x-y", please check out #27471

miniak added a commit that referenced this pull request Jan 25, 2021
@miniak
fix: CSP with unsafe-eval detection with Trusted Types (#27446)
6767733
@miniak miniak mentioned this pull request Jan 25, 2021
Merged
@trop
Copy link
Contributor

trop bot commented Jan 25, 2021

@miniak has manually backported this PR to "9-x-y", please check out #27472

ckerr pushed a commit that referenced this pull request Jan 27, 2021
@miniak
fix: CSP with unsafe-eval detection with Trusted Types (#27446) (#2…
0604f87 
…7471)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@koto koto koto left review comments

@zcbenz zcbenz zcbenz approved these changes

@deepak1556 deepak1556 deepak1556 approved these changes

Assignees

@miniak miniak

Labels
semver/patch backwards-compatible bug fixes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Feature Request]: Enable w3c trusted types usage with electron apps
4 participants
@miniak @koto @zcbenz @deepak1556