Alpine CSP Expression Error
dest4590 opened this issue · comments
I have an error when visiting the admin, I always have these windows open:
And I can not close them in any way, and in the console writes this:
alpine.js:1 Alpine Expression Error: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'".
Expression: "{ sidebarMobileOpen: false, sidebarDesktopOpen: true }"
I tried to find an issue like this, but I couldn't find it, they say that the problem is in cloudflare, I tried to turn off all optimization settings, but it didn't help me.
Are you using django-csp?
Are you using django-csp?
no, just unfold admin, you can check my project at https://github.com/dest4590/CollapseWeb
Are you using django-csp?
Hi, I fixed the error, it turns out that for some reason the admin thinks it is not allowed to use resources, I installed django-csp, and allowed all scripts and so on, and everything works, thanks.
I just added these lines to the settings
CSP_DEFAULT_SRC = ("'self'", "'unsafe-inline'", "'unsafe-eval'", "*")
CSP_IMG_SRC = ("'self'", "'unsafe-inline'", "'unsafe-eval'", "*", "data:")