- ABP Framework version: v5.2.2.
- UI type: Angular
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): yes
- Exception message and stack trace:
- Steps to reproduce the issue:"
Hi, we have upgraded our solution to Abp 5.2.2 and got 1 issue when accessing the TenantSwitchModal, we are not allowed to add 'unsafe-eval' into script-src due to security test, below is our CSP:
default-src 'self'; script-src 'self'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;
Could you please help us take a look and advise?
7 Answer(s)
-
0
hi
Can you cancel the minify js and check what code caused the error?
-
0
Hi @maliming,
I have disabled the bundle and minify, this is the code caused the error:
Could you please help us take a look? thank you.
-
0
This is related to https://github.com/abpframework/abp/pull/11811/
You can use this version of
jquery-extensions.jsto solve it now. https://github.com/abpframework/abp/blob/20631dd85fccd1378c2627d86a5c2692166fa3b4/framework/src/Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared/wwwroot/libs/abp/aspnetcore-mvc-ui-theme-shared/jquery/jquery-extensions.js -
0
https://github.com/abpframework/abp/issues/14178
-
0
Hi maliming,
Thanks for your reply, may I know what are the steps to replace the jquery-extensions.js?
-
0
hi
https://docs.abp.io/en/abp/latest/Virtual-File-System#replacing-overriding-virtual-files
-
0
Thank @maliming, I managed to replace the file.
