You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Horizon dashboard does not work when using content security headers without unsafe-eval
Here is the error displayed in my console.
Steps To Reproduce:
I'm using a package bepsvpt/secure-headers to add CSP to header.
unsafe-eval is set to false in config/secure-headers.php which does not add unsafe-eval to CSP.
Dashboard does work when unsafe-eval is set to true, But I cannot have unsafe-eval added to CSP for security reasons.
The text was updated successfully, but these errors were encountered:
I see the warning too but Horizon works for me without that package. Would appreciate any PR that solves this issue but for now it doesn't seems to be a blocker on default Horizon installations.
Description:
Horizon dashboard does not work when using content security headers without unsafe-eval
Here is the error displayed in my console.
Steps To Reproduce:
I'm using a package bepsvpt/secure-headers to add CSP to header.
unsafe-eval is set to false in config/secure-headers.php which does not add unsafe-eval to CSP.
Dashboard does work when unsafe-eval is set to true, But I cannot have unsafe-eval added to CSP for security reasons.
The text was updated successfully, but these errors were encountered: