Refused to execute inline script because it violates the following Content Security

Question

Refused to execute inline script because it violates the following Content Security

elementalTIMING opened this issue 4 years ago · 0 comments

I've installed ngx-cookieconsent according the documentation. It runs with "ng serve" but when trying to get it to run in a SSR environment script execution fails with:

Console.log:

Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-d8xVpEfOlXT388lPL445U0wcaE4cweRSVh5BQpm9scE='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.

Browser shows

TypeError: Cannot read property 'initialise' of undefined at NgcCookieConsentService.init (/Volumes/Daten/Websites/SSN-NGX/dist/ssn-ngx/server/main.js:136222:32) at new NgcCookieConsentService (/Volumes/Daten/Websites/SSN-NGX/dist/ssn-ngx/server/main.js:136183:14) at Object.NgcCookieConsentService_Factory [as factory] (/Volumes/Daten/Websites/SSN-NGX/dist/ssn-ngx/server/main.js:136320:85) at R3Injector.hydrate (/Volumes/Daten/Websites/SSN-NGX/dist/ssn-ngx/server/main.js:105616:35) at R3Injector.get (/Volumes/Daten/Websites/SSN-NGX/dist/ssn-ngx/server/main.js:105437:33) at NgModuleRef$1.get (/Volumes/Daten/Websites/SSN-NGX/dist/ssn-ngx/server/main.js:118577:33) at Object.get (/Volumes/Daten/Websites/SSN-NGX/dist/ssn-ngx/server/main.js:118274:35) at getOrCreateInjectable (/Volumes/Daten/Websites/SSN-NGX/dist/ssn-ngx/server/main.js:98485:39) at Module.ɵɵdirectiveInject (/Volumes/Daten/Websites/SSN-NGX/dist/ssn-ngx/server/main.js:108978:12) at NodeInjectorFactory.AppComponent_Factory [as factory] (/Volumes/Daten/Websites/SSN-NGX/dist/ssn-ngx/server/main.js:70901:408) at getNodeInjectable (/Volumes/Daten/Websites/SSN-NGX/dist/ssn-ngx/server/main.js:98590:44) at instantiateRootComponent (/Volumes/Daten/Websites/SSN-NGX/dist/ssn-ngx/server/main.js:102288:23) at createRootComponent (/Volumes/Daten/Websites/SSN-NGX/dist/ssn-ngx/server/main.js:107804:23) at ComponentFactory$1.create (/Volumes/Daten/Websites/SSN-NGX/dist/ssn-ngx/server/main.js:118363:25) at ApplicationRef.bootstrap (/Volumes/Daten/Websites/SSN-NGX/dist/ssn-ngx/server/main.js:122702:42)

Bug Report or Feature Request (mark with an `x`)

- [X] bug report -> please search issues before submitting
- [ ] feature request

CookieConsent and Library Versions?

- cookieconsent version: current version
- ngx-cookieconsent version:  current version (2.2.3?)

OS Version?

macOS

Angular, Node and al Versions?

10.2.2

Repro steps

installed cookieconsent and ngx-cookieconsent step-by-step followed the documentation

The log given by the failure

Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-d8xVpEfOlXT388lPL445U0wcaE4cweRSVh5BQpm9scE='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.