10-10-2019, 03:53 PM
What IW version are you using? CSP is a lot of "feel good nonsense" in many areas, but 15.1 has been updated to be CSP compliant.
https://www.atozed.com/2019/07/15-1-0-h/
Content Security Policy (CSP) support. Read more about CSP here. https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
Good part of the rendering engine was refactored to remove inline JavaScript, CSS and unsafe code (according to CSP best practices). A nonce is now included in all scripts/link files.
Cross-Origin Resource Sharing (CORS) support. Read more about CORS here: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
https://www.atozed.com/2019/07/15-1-0-h/
Content Security Policy (CSP) support. Read more about CSP here. https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
Good part of the rendering engine was refactored to remove inline JavaScript, CSS and unsafe code (according to CSP best practices). A nonce is now included in all scripts/link files.
Cross-Origin Resource Sharing (CORS) support. Read more about CORS here: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS