TechQA.

WebView Content Security Policy exception in Google console firebase robo test

1.4k views Asked by At

Google console in tests via Firebase Robo test shows an exception.

Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src https://abs.twimg.com https://abs-0.twimg.com https://twitter.com https://mobile.twitter.com"

but in setting of WebView settings JS is enabled.

WebSettings settings = webview.getSettings();
settings.setJavaScriptEnabled(true);
webview.setWebChromeClient(new WebChromeClient());
settings.setSupportMultipleWindows(true);
settings.setDomStorageEnabled(true);

the same exception if put in the header

headers.put("Content-Security-Policy", "script-src 'self' 'unsafe-inline' 'unsafe-eval'");
security webview policy unsafe-eval
Original Q&A
0

There are 0 answers

Related Questions in SECURITY

Related Questions in WEBVIEW

Related Questions in POLICY

Related Questions in UNSAFE-EVAL

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions