unsafe-eval is actually needed in CSP otherwise custom user scripts cannot be evaluated

2020-06-30 12:33:08 +02:00 · 2020-06-30 12:33:08 +02:00 · 3abec7910f
parent e116cebbbd
commit 3abec7910f
1 changed files with 1 additions and 0 deletions
--- a/src/manifest.json
+++ b/src/manifest.json
@ -2,6 +2,7 @@
  "name": "platypush",
  "description": "Web extension for interacting with one or more Platypush instances via browser",
  "version": "0.1.2",
+  "content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'self'",
  "manifest_version": 2,
  "icons": {
    "16": "icons/icon-16.png",