-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error: call to Function() blocked by CSP #861
Comments
What version of handlebars are you referencing in the file and line reference above? |
Added to the post (v2.0.0). Edit: Solved implementing precompile. |
Great to hear, that was going to be my suggestion but I wanted to make sure that it was the problem that I was thinking that it was. |
Is there another solution without precompile? |
I don't think so. Still, the precompile is a good option not only to avoid the "eval block", but also to have better performance. |
Hello guys, this is not resolved. Still seeing this line in the latest version: https://cdn.jsdelivr.net/npm/handlebars@latest/dist/handlebars.js
So the question remains: Is there a safe implementation of handlebars for the client side? |
CSP (content-security-policy) blocks Handlebars v2.0.0 rendering @ handlebars.js:2236
Allow 'unsafe-eval' is not an option. Is there a safe implementation of handlebars for the client side?
The text was updated successfully, but these errors were encountered: