Open Closed

Issue with Content-Security-Policy after upgrade to Abp 5 #3578


User avatar
0
nhontran created
  • ABP Framework version: v5.2.2.
  • UI type: Angular
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): yes
  • Exception message and stack trace:
  • Steps to reproduce the issue:"

Hi, we have upgraded our solution to Abp 5.2.2 and got 1 issue when accessing the TenantSwitchModal, we are not allowed to add 'unsafe-eval' into script-src due to security test, below is our CSP:

default-src 'self'; script-src 'self'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;

Could you please help us take a look and advise?


1 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Can you check what's the js code to get this error?

Made with ❤️ on ABP v9.1.0-preview. Updated on December 10, 2024, 06:38