How to resolve Content Security Policy (CSP) errors
29 Jul 20231 minute to read
Enabling the strict Content Security Policy (CSP) may cause the following issues with the Essential JS 2 controls in your application.
From the 2023 Vol2 - 22.1 release onwards, the Content Security Policy for Syncfusion controls has been enhanced. The usage of the
unsafe-evaldirective has been eliminated from the CSP meta tag.
In your application, utilizes string or external templates, it is advisable to rewrite them using the function template approach for template properties.
If users prefer to continue using inline string and external templates, it is necessary to include the
unsafe-evaldirective in the CSP meta tag in order to bypass the CSP violation.
Syncfusion license banner utilize the image from base64, which is not allowed on strict CSP-enabled sites. To overcome this restriction, it is necessary to add the
img-src data: directive in the meta tag or consider registering the license key.