NickTomlin/braintree-meteor-example

browser-policy package errors

Opened this issue · 1 comments

michaltakac commented

Is there a way to make this work with browser-policy package? https://atmospherejs.com/meteor/browser-policy

When I add this package into my meteor app, it doesn't show PayPal button and this error comes up:


Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'".

Exception in delivering result of invoking 'getClientToken': Error: Braintree API Client Misconfigured: clientToken is invalid.
    at n (http://localhost:3000/packages/nicktomlin_braintree-example.js?e748a4358c59a07bc66bc44934c1af46deb94d8d:35:10818)
    at Object.n [as getConfiguration] (http://localhost:3000/packages/nicktomlin_braintree-example.js?e748a4358c59a07bc66bc44934c1af46deb94d8d:35:8045)
    at Object.o [as setup] (http://localhost:3000/packages/nicktomlin_braintree-example.js?e748a4358c59a07bc66bc44934c1af46deb94d8d:35:1417)
    at initializeBraintree (http://localhost:3000/client/js/home.js?b9f20ec1afee08ebcc2eff4f3fbda7bdf857afd5:25:13)
    at http://localhost:3000/client/js/home.js?b9f20ec1afee08ebcc2eff4f3fbda7bdf857afd5:59:5
    at Meteor.bindEnvironment [as _callback] (http://localhost:3000/packages/meteor.js?43b7958c1598803e94014f27f5f622b0bddc0aaf:983:22)
    at _.extend._maybeInvokeCallback (http://localhost:3000/packages/ddp.js?d1840d3ba04c65ffade261f362e26699b7509706:3860:12)
    at _.extend.receiveResult (http://localhost:3000/packages/ddp.js?d1840d3ba04c65ffade261f362e26699b7509706:3880:10)
    at _.extend._livedata_result (http://localhost:3000/packages/ddp.js?d1840d3ba04c65ffade261f362e26699b7509706:4970:9)
    at onMessage (http://localhost:3000/packages/ddp.js?d1840d3ba04c65ffade261f362e26699b7509706:3725:12)
NickTomlin commented

Thanks for letting me know! I'm not familiar with that package; it could be an issue with how I am loading braintree into meteor client side, or just a CSP configuration issue. Can you show your browser-policy config? Also, do you have an example repo I could look at?