Security Policy violation in v12.4
ste101 opened this issue ยท 5 comments
ste101 commented
After enabling 'Security: backend enforce content security policy' the browser console shows an error:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'nonce-hZ9wyV6mnjrpPd6ozVOvYLbp6iINP-M6PHEYsu8P01PrEz57DDXHqw' 'report-sample'". Either the 'unsafe-inline' keyword, a hash ('sha256-0X2iein9ND1TcikMOT8afvZuD14Bks0cMBKpkRhcY1I='), or a nonce ('nonce-...') is required to enable inline execution.
websi commented
I think
should be changed to-$pObject->addJsInlineCode('yoast-json-config', $jsonConfigUtility->render());
+$pObject->addJsInlineCode('yoast-json-config', $jsonConfigUtility->render(), true, false, true);
RinyVT commented
ste101 commented
Now it is working, thanks ๐
websi commented
Yes, with these changes it is working