You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've just installed FIR on an existing web server on which Content Security Policy is quite tight. In particular script-src is set to 'self' + our CDN server.
The "New event" button is not a regular href link, it's a call to Javascript function location.href.
Also, many page elements are loaded via inline javascript, like graphs for example.
None of these will work with tight/strict CSP. I need to add 'unsafe-inline' to CSP's header settings in order to display pages properly and being able to use "New event" button.
The text was updated successfully, but these errors were encountered:
Hello,
I've just installed FIR on an existing web server on which Content Security Policy is quite tight. In particular script-src is set to 'self' + our CDN server.
The "New event" button is not a regular href link, it's a call to Javascript function location.href.
Also, many page elements are loaded via inline javascript, like graphs for example.
None of these will work with tight/strict CSP. I need to add 'unsafe-inline' to CSP's header settings in order to display pages properly and being able to use "New event" button.
The text was updated successfully, but these errors were encountered: