Problems with WURFL.JS coding
Posted: Mon Mar 14, 2016 2:29 pm
Hello,
When trying to add your javascript file to a website that is running Content Security Policy (CSP) Level 2. We get the following error:
Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src........."
Poorly coded Javascript still uses eval as its a security risk. Any chance to update your JS script. Or are we allowed to recode it ourselves...?
I am sure the world would love to use a safer script as well.
When trying to add your javascript file to a website that is running Content Security Policy (CSP) Level 2. We get the following error:
Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src........."
Poorly coded Javascript still uses eval as its a security risk. Any chance to update your JS script. Or are we allowed to recode it ourselves...?
I am sure the world would love to use a safer script as well.