How to resolve Content Security Policy (CSP) errors

29 Jul 20231 minute to read

Enabling the strict Content Security Policy (CSP) may cause the following issues with the Essential JS 2 controls in your application.

Template rendering

From the 2023 Vol2 - 22.1 release onwards, the Content Security Policy for Syncfusion controls has been enhanced. The usage of the unsafe-eval directive has been eliminated from the CSP meta tag.

In your application, utilizes string or external templates, it is advisable to rewrite them using the function template approach for template properties.

NOTE

If users prefer to continue using inline string and external templates, it is necessary to include the unsafe-eval directive in the CSP meta tag in order to bypass the CSP violation.

Image loading

Syncfusion license banner utilize the image from base64, which is not allowed on strict CSP-enabled sites. To overcome this restriction, it is necessary to add the img-src data: directive in the meta tag or consider registering the license key.