Jump to content


Approved members
  • Content Count

  • Joined

  • Last visited

  1. The message: "Content Security Policy: The page settings have blocked the loading of a resource on eval ("script-src"). xajax.js" means that scripts xajax.js and min.php use eval-expressions. Some locks of eval expressions could be fixed if you have control over scripts. But following message: "Uncaught EvalError: call to eval() blocked by CSP" leave no chances - the call of eval() function require to use 'unsafe-eval' token in the script-src directive. Therefore you need at least to have: script-src 'self' 'unsafe-inline' 'unsafe-eval'; in the policy
  • Create New...